From mboxrd@z Thu Jan 1 00:00:00 1970 From: Arne Fitzenreiter To: ipfire-scm@lists.ipfire.org Subject: [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 06ac824331726523e90607f472b822a9b50d156b Date: Wed, 16 Jan 2019 21:32:55 +0000 Message-ID: <20190116213257.EC01184FDD4@people01.i.ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6777210486128463738==" List-Id: --===============6777210486128463738== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, master has been updated via 06ac824331726523e90607f472b822a9b50d156b (commit) via f0092a6e3e246846caa55458364514064f2c5103 (commit) via d499e86b168ca1267b6155496cbefa11ec11b916 (commit) via 5cf83d56fa06a2e04e70db4aba4a0fb4195a5157 (commit) via f622fd8ed09d60b627da3589d91b9fc8d6a77393 (commit) via 00f9dcd91d5edbd7ae3acd0d731c0d415079bae5 (commit) via f69aca76ea22dfac13f41225545d8c403e5327f7 (commit) via 0ca3baedfc623a968c7e38c356352b4f64c9f695 (commit) via f107bb39c53266cd7b2f70c8875dbc07221aeeab (commit) via 035f6c75aed2165a8ecd92571c48daf07edf4ab5 (commit) via 01db691a1ebd569afdc0d9304a67b4e048708b84 (commit) via 06fd3467d1fce5aa56dd255a686c2e46090e2edf (commit) via a04ec923897debb91c72b4c6223586ca0f1c7486 (commit) via 8ff42d82c4ab2d5743b1fdcd076249c7b2e51794 (commit) via 30c59cbb0b370a0fd1470087a94d91b35d4e54a3 (commit) via e3429b4aad01ad011792d00570a3190d0058e7ff (commit) via 11de35622f930cdf9cd64a786a832076ee251672 (commit) via 042a5fe60a51277d3d1c717c207858dce1d28ff1 (commit) via d381c56dc82e10ce01e68bb24b197dce0fa10580 (commit) via ff21ff90d24de0f648d24bb906c45738b81ce67a (commit) via 9d1708e081d7e7ba490db3620509dcce29cb0ae8 (commit) via b76a8a008dca77f8ea9b68c95b2d04e074dfef64 (commit) via a77870146fcf1e4575a9a0e59a85a10674599e91 (commit) via 9f6849b3adfcc8eb91549427f531bdeb89f6d750 (commit) via 4ed2162324a40bc19faf9e3cf698b8f03d256434 (commit) via 045d54c324ac17edc9074b14c5a1a3187b78c2c3 (commit) via 985741db6140464fe2f74ab76bc94223862eb6ce (commit) via af2cc3be64d82d35978590b316a46b5b206afa0d (commit) via 5321fcbff33f69e98f87bd0a354bab53e2a830bf (commit) via 7d5caee6bdbb44b688b579f9b1836bd5a3d0d619 (commit) via ae5b9c5ad5fafbb42e2d7f8201f4cbcc995bfcc4 (commit) via e26a5c488556579d1bd639b50adbc31da450e70c (commit) via e0c4ed1783d665d6f341d00e506395c507198807 (commit) via ce1f04ee404bc373169cd2e8efa7804206bc85de (commit) via c2f1b8183c5f4eb335e89676b46b11eb460b3b89 (commit) via cdd4cf4094df9562f53e175ece8f0bcc4a1cf2f1 (commit) via d68e150e865c86f8a8f784da242701215325abad (commit) via a1018d86ae3d01342758b93e6782735f7b3aa47f (commit) via 6df2d5288768ba0557b3070a52b20db95f3b88fa (commit) via fa286b133085da2776087d7890b57f96a400cc58 (commit) via 5c2a76f7b3799b78e2d9fb33d5f3d7d408b8314b (commit) via dc637f087fe07ab26ae1dee00133da69bab5e6a1 (commit) via ea72700a3b5f53680b218e9261593806bdc5f7d4 (commit) via eedca6e36c1131ce5542da5ccbfbb5667648c024 (commit) via 1a3323f2e6aa4ebe701f2e61a6829c8bedb7eb10 (commit) via 79b89b90e4b9425e29551bd8ceb8a85cd224c62d (commit) via d09cb651b5e829db009d5f0bfeb13acf353bc041 (commit) via 0cd3eab3ae87f31e3d928eb2f800e3abaf1896bf (commit) via d01b31914a69c5e1edf9a059b1fd6b8e5a90ec84 (commit) via 1338e08d0d10300a279ece4e7b4673b20209679b (commit) via 0708b3b343e5eec032c17157255f5543baf9e8d1 (commit) via 5e6f343b7d60abad53248532cd451bb9f81af84c (commit) via b15309e9d14baff65f70b3954ec337944ee1d3bd (commit) via 9ab1c9302c01f11010d0cb87a66366361465461e (commit) via bb473fd1d6e97785dee70ceb75f9b898f92fc507 (commit) via 7f90513e611040a99422b951884062e14271adc4 (commit) via 1183d50b731d6b276b26fc4d8fc680c483cb6b70 (commit) via 2aff684f37afc08d6fa4520188e460e888cee2d8 (commit) via 3407695fbcbe525d7bb860f2f796c6947b201b9c (commit) via cd309fe6a2f4b319272f94bd448fb17fce23b8fd (commit) via 0a12cd70393d3ee6f64e3d81422212eab55468f9 (commit) via 6e1aa54da0e172bf931ef13a3e1c7ad6de9b5a20 (commit) via 34ad12b165639d86f9a9709dc264cbd36c1bd2ca (commit) via e6f7f8e7ba0e716acede7f6cadf9a284d115440b (commit) via 4c83d9fbdcf137c126d0b5ed0935dbe18c9733f3 (commit) via cdaad0cdd33e63232fe8939644825619576b6be3 (commit) via c86d893830560165e065cd44ee44f13c2d7e97a7 (commit) via 13827014fcee7d3094529feb2be17513602e5421 (commit) via 49deea707bc6db5683ecc139070d5c83b89b7c48 (commit) via 4c76d08b2a1ef5ac9ff8b546c0d887e342adec1c (commit) via 67c9261257542c09407f54280e3b4e764c24ebaa (commit) via f1f40274a095f0c5173a69767d9efa647e9f1a8a (commit) via e978f0429f7f33d8eb1051b7089962d52b306792 (commit) via ae84d3745de4235efbe7cf13e9d8542df916083d (commit) via 6f1f51ba1c9e211946bb7b829bd7362ff61ecae7 (commit) via f33d28978d0014e956fb98c6dc42d79fb1a7d3d6 (commit) via cb8a25e5ec4c045f634ba585012f2edf09e6be29 (commit) via 1a26564e95b5694337e51860544e7775d35055f3 (commit) via c9ae511ecf3caea0836b06211ca49d3fec4bf6b8 (commit) via 086bb132ec3155b9221cee5acf307fabfb7515b6 (commit) via 4af8d6964beb8abc822bada4b8dc1474a098514e (commit) via 909549b1d6af51a8b18d4fc799370b32bf7861ce (commit) via 452e537092ba0310dab68e5aeaac4c96fbc4a409 (commit) via a2bcb4135bc7b64a54c06f12a0e577830ecf3ebf (commit) via 27801da08916e6826f99c2c51461d53f403aaf5b (commit) via cab2314ac41105e678be25ba379f58ec43f2ee9e (commit) via a38eb040bfcad9372bca895029d974b587aa011b (commit) via 57c04aa49db6b93dee562477ce9fec5141c787a6 (commit) via 6174b7b1c72cd5141e04ac2621eef90d86987a91 (commit) via 53ac9dd222aac232b35d0c1ce453eaf4cacc3419 (commit) via edff2bb85107c411d890b0ad4c55305fd9297566 (commit) via 848ac6900974f8ac3718c0ea4febec6e56954823 (commit) via 81e1e80e38609e01f98af649ee38e064420bab3d (commit) via 58e840bd96d6f7e34d332d8b18c95857ced5ca1d (commit) via de4f303186927ad1a7a8ff1ec221583d0f8ca047 (commit) via 707846392ee8108d15095d7bc5ee1f43a967053f (commit) via 5df66de303e799537e73c590ead94950f24f38ca (commit) via 8b02a92fe73e16538940aa030e4bcb389cce7f67 (commit) via 66f7b646cd6bf3a1f34d2ad998caad90f3c6c4fc (commit) via 7e17de5f863a96d2f4e67fd27daeade3b1b1d471 (commit) via adde1ca8ce1588997936f5b22687525a2e6637b2 (commit) via c519be42262c629abac86fb251a3f3921d42310d (commit) from ed4bbe44d121480e56c817f42f797423507c7630 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 06ac824331726523e90607f472b822a9b50d156b Author: Arne Fitzenreiter Date: Wed Jan 16 22:31:43 2019 +0100 core127: set pakfire version to 127 =20 Signed-off-by: Arne Fitzenreiter commit f0092a6e3e246846caa55458364514064f2c5103 Author: Michael Tremer Date: Sun Jan 13 12:50:26 2019 +0100 keepalived: Move change of conntrack sysctl option into package =20 The setting cannot be set on the default system because the ip_vs module is not loaded by default and there is no reason to load it just because we would be able to set the setting. =20 Signed-off-by: Michael Tremer commit d499e86b168ca1267b6155496cbefa11ec11b916 Author: Michael Tremer Date: Sun Jan 13 12:28:10 2019 +0100 GeoIP: Add accidentially removed paths to database =20 Signed-off-by: Michael Tremer commit 5cf83d56fa06a2e04e70db4aba4a0fb4195a5157 Author: Michael Tremer Date: Sun Jan 13 11:53:41 2019 +0100 firewall-lib.pl: Fix incorrect path to geoip-functions.pl =20 Signed-off-by: Michael Tremer commit f622fd8ed09d60b627da3589d91b9fc8d6a77393 Author: Arne Fitzenreiter Date: Sat Jan 12 20:01:00 2019 +0100 linux-initrd: fix build of uInit on aarch64 =20 Signed-off-by: Arne Fitzenreiter commit 00f9dcd91d5edbd7ae3acd0d731c0d415079bae5 Author: Arne Fitzenreiter Date: Sat Jan 12 09:04:23 2019 +0100 core127: fix xtables kmod rootfiles for arm32 builds =20 Signed-off-by: Arne Fitzenreiter commit f69aca76ea22dfac13f41225545d8c403e5327f7 Author: Matthias Fischer Date: Fri Jan 11 14:41:57 2019 +0100 xtables 3.2: Fix for rootfile =20 Found during the test builds... =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 0ca3baedfc623a968c7e38c356352b4f64c9f695 Author: Stefan Schantl Date: Fri Jan 11 10:05:24 2019 +0100 Revert "geoip-functions.pl: Re-write code to lookup the iso country code = of a given IP-address." =20 Enhanching the code to fix the lookup will rapidely slow down the lookup = speed. Because using the GeoIP2 module is no option ( the reasons have been described in the c= ommit message which will now reverted), we have decided to temporary switch back to the old module= until a nice solution has been found. =20 This reverts commit ff21ff90d24de0f648d24bb906c45738b81ce67a. =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit f107bb39c53266cd7b2f70c8875dbc07221aeeab Author: Stefan Schantl Date: Fri Jan 11 10:05:23 2019 +0100 Revert "GeoIP: Drop legacy GeoIP perl module." =20 This reverts commit 9d1708e081d7e7ba490db3620509dcce29cb0ae8. =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit 035f6c75aed2165a8ecd92571c48daf07edf4ab5 Author: Matthias Fischer Date: Fri Jan 11 01:32:37 2019 +0100 xtables-addons: Fix typo in lfs =20 Just some typos... =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit 01db691a1ebd569afdc0d9304a67b4e048708b84 Author: Michael Tremer Date: Thu Jan 10 22:48:25 2019 +0000 Bump kernel version to ship a new PAE kernel =20 Signed-off-by: Michael Tremer commit 06fd3467d1fce5aa56dd255a686c2e46090e2edf Author: Michael Tremer Date: Thu Jan 10 22:46:31 2019 +0000 core127: Ship updated kernel modules for xtables =20 Signed-off-by: Michael Tremer commit a04ec923897debb91c72b4c6223586ca0f1c7486 Author: Michael Tremer Date: Thu Jan 10 22:43:45 2019 +0000 core127: Ship updated firewall functions library =20 Signed-off-by: Michael Tremer commit 8ff42d82c4ab2d5743b1fdcd076249c7b2e51794 Author: Stefan Schantl Date: Thu Jan 10 20:40:04 2019 +0100 firewall-lib.pl: Use get_geoip_locations from geoip-functions.pl =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit 30c59cbb0b370a0fd1470087a94d91b35d4e54a3 Author: Stefan Schantl Date: Thu Jan 10 20:40:03 2019 +0100 geoip-locations.pl: Add get_geoip_locations(). =20 This function is used to get all available GeoIP locations. =20 The functions returns them as array, sorted in alphabetical order. =20 Reference #11959 =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit e3429b4aad01ad011792d00570a3190d0058e7ff Author: Matthias Fischer Date: Thu Jan 10 15:30:49 2019 +0100 clamav: Update to 0.101.1 =20 For details see: https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 11de35622f930cdf9cd64a786a832076ee251672 Author: Michael Tremer Date: Mon Jan 7 01:32:46 2019 +0000 core127: Ship updated tar =20 Signed-off-by: Michael Tremer commit 042a5fe60a51277d3d1c717c207858dce1d28ff1 Author: Matthias Fischer Date: Thu Jan 10 14:29:22 2019 +0100 tar: Update to 1.31, including fix for bug #11958 =20 For details see: =20 http://savannah.gnu.org/forum/forum.php?forum_id=3D9344 =20 "- Fix heap-buffer-overrun with --one-top-level. - Support for zstd compression. - The -K option interacts properly with member names given in the command= line. - Fix CVE-2018-20482" =20 This patch was reverted because 'tar 1.31' crashed when installing PakFir= e packages with the option '--no-overwrite-dir'. See: https://bugzilla.ipfire.org/show_bug.cgi?id=3D11958 =20 Included is now a patch from https://savannah.gnu.org/bugs/?55413, which = seems to fix this issue. The test cases given in https://savannah.gnu.org/bugs/?55413#comment1 ran= without problems. =20 As always, please check and confirm. =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit d381c56dc82e10ce01e68bb24b197dce0fa10580 Author: Michael Tremer Date: Mon Jan 7 01:28:38 2019 +0000 core127: Ship updated GeoIP functions =20 Signed-off-by: Michael Tremer commit ff21ff90d24de0f648d24bb906c45738b81ce67a Author: Stefan Schantl Date: Thu Jan 10 13:00:17 2019 +0100 geoip-functions.pl: Re-write code to lookup the iso country code of a giv= en IP-address. =20 Drop the usage of the old legacy GeoIP perl module which was not able to = handle the new GeoLite2 databases. =20 Write some code to directly access the databases and extract the required= data. =20 Usage of the GeoIP2 perl module would provide a lot of more functionality= which is not used/needed. Unfortunately ir requires at lot of additional perl modules = which are not available on IPFire and would only be build and shipped for this modu= le. Buildig all of them will slow down the entire build process, mess up the system and r= equires a lot more space on disk. =20 Fixes #11962. =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit 9d1708e081d7e7ba490db3620509dcce29cb0ae8 Author: Stefan Schantl Date: Thu Jan 10 13:00:16 2019 +0100 GeoIP: Drop legacy GeoIP perl module. =20 The legacy GeoIP perl module cannot handle the new GeoLite2 databases provided from maxmind and therefore needs to be dropped. =20 Reference #11960 =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit b76a8a008dca77f8ea9b68c95b2d04e074dfef64 Author: Stefan Schantl Date: Thu Jan 10 13:00:15 2019 +0100 xt_geoip_update: Adjust script to download and use the GeoLite2 database =20 Fixes #11961. =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit a77870146fcf1e4575a9a0e59a85a10674599e91 Author: Stefan Schantl Date: Thu Jan 10 13:00:14 2019 +0100 xtables-addons: Use shipped xt_geoip_build =20 Use the shipped xt_geoip_build directly instead of holding a copy in our = GIT. =20 Reference #11959 =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit 9f6849b3adfcc8eb91549427f531bdeb89f6d750 Author: Stefan Schantl Date: Thu Jan 10 13:00:13 2019 +0100 xtables-addons: Update to 3.2 =20 Reference #11959 =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit 4ed2162324a40bc19faf9e3cf698b8f03d256434 Author: Michael Tremer Date: Mon Jan 7 00:34:30 2019 +0000 perl-Net-CIDR-Lite: Make rootfile work on other arches =20 Signed-off-by: Michael Tremer commit 045d54c324ac17edc9074b14c5a1a3187b78c2c3 Author: Michael Tremer Date: Mon Jan 7 00:31:46 2019 +0000 perl-Net-CIDR-Lite: Fix whitespace =20 Signed-off-by: Michael Tremer commit 985741db6140464fe2f74ab76bc94223862eb6ce Author: Stefan Schantl Date: Thu Jan 10 13:00:12 2019 +0100 perl-Net-CIDR-Lite: New package. =20 This is a runtime dependency of the xt_geoip_build perl script shipped by xtables-addons in version 3.2. =20 Reference #11960. =20 Signed-off-by: Stefan Schantl Signed-off-by: Michael Tremer commit af2cc3be64d82d35978590b316a46b5b206afa0d Author: Michael Tremer Date: Sun Jan 6 21:33:43 2019 +0000 IPVS: Enable connection tracking by default =20 Signed-off-by: Michael Tremer commit 5321fcbff33f69e98f87bd0a354bab53e2a830bf Author: Michael Tremer Date: Sun Jan 6 09:00:47 2019 +0000 Backup conntrackd's configuration file =20 Signed-off-by: Michael Tremer commit 7d5caee6bdbb44b688b579f9b1836bd5a3d0d619 Author: Michael Tremer Date: Sun Jan 6 08:59:25 2019 +0000 Add initscript for conntrackd =20 The daemon will be started by default when a configuration file exists. =20 Signed-off-by: Michael Tremer commit ae5b9c5ad5fafbb42e2d7f8201f4cbcc995bfcc4 Author: Michael Tremer Date: Sun Jan 6 07:03:08 2019 +0000 Update translations =20 Signed-off-by: Michael Tremer commit e26a5c488556579d1bd639b50adbc31da450e70c Author: Matthias Fischer Date: Tue Jan 8 14:14:41 2019 +0100 Fix typo in 'html/cgi-bin/logs.cgi/log.dat' =20 Translation string uses capital letter: 'Captive' =3D> 'Captive Portal', =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit e0c4ed1783d665d6f341d00e506395c507198807 Author: Michael Tremer Date: Tue Jan 8 16:14:01 2019 +0100 core127: Ship updated proxy.cgi and regenerate configuration =20 Signed-off-by: Michael Tremer commit ce1f04ee404bc373169cd2e8efa7804206bc85de Author: Michael Tremer Date: Tue Jan 8 16:09:46 2019 +0100 proxy: Allow selecting throttled bandwidth in MBit/s =20 Signed-off-by: Michael Tremer commit c2f1b8183c5f4eb335e89676b46b11eb460b3b89 Author: Michael Tremer Date: Tue Jan 8 16:02:05 2019 +0100 proxy: Suggest modern defaults for cache memory and disk =20 Signed-off-by: Michael Tremer commit cdd4cf4094df9562f53e175ece8f0bcc4a1cf2f1 Author: Michael Tremer Date: Tue Jan 8 16:00:05 2019 +0100 proxy: Drop support for throttling only certain mime types =20 Signed-off-by: Michael Tremer commit d68e150e865c86f8a8f784da242701215325abad Author: Michael Tremer Date: Tue Jan 8 15:54:56 2019 +0100 proxy: Drop web browser check =20 This is neither reliable nor up to date and is therefore removed =20 Signed-off-by: Michael Tremer commit a1018d86ae3d01342758b93e6782735f7b3aa47f Author: Michael Tremer Date: Tue Jan 8 15:49:18 2019 +0100 proxy: Set authentication TTL for NTLM authentication also =20 Signed-off-by: Michael Tremer commit 6df2d5288768ba0557b3070a52b20db95f3b88fa Author: Michael Tremer Date: Tue Jan 8 15:48:32 2019 +0100 proxy: Use correct authentication cache TTL for AD =20 Signed-off-by: Michael Tremer commit fa286b133085da2776087d7890b57f96a400cc58 Author: Michael Tremer Date: Tue Jan 8 15:46:20 2019 +0100 proxy: Use entered setting for auth children for AD =20 Signed-off-by: Michael Tremer commit 5c2a76f7b3799b78e2d9fb33d5f3d7d408b8314b Author: Michael Tremer Date: Tue Jan 8 15:44:19 2019 +0100 proxy: Use correct realm for AD authentication =20 Signed-off-by: Michael Tremer commit dc637f087fe07ab26ae1dee00133da69bab5e6a1 Author: Michael Tremer Date: Tue Jan 8 15:37:00 2019 +0100 proxy: Remove AUTH_IPCACHE_TTL =20 This is potentially dangerous to set larger than zero. =20 Authentication is perfomed on basis of IP addresses which is not a good idea at all. =20 Signed-off-by: Michael Tremer commit ea72700a3b5f53680b218e9261593806bdc5f7d4 Author: Michael Tremer Date: Tue Jan 8 15:27:54 2019 +0100 proxy: Drop NTLM authentication =20 This is the authentication againt NT 4.0 style domain controllers. =20 squid has dropped support for this in the 4.5 release and nobody should be using these old domain controllers any more. =20 Signed-off-by: Michael Tremer commit eedca6e36c1131ce5542da5ccbfbb5667648c024 Author: Michael Tremer Date: Tue Jan 8 03:33:37 2019 +0100 squid: Run as many redirectors as we have CPU cores =20 This makes sure that we use the optimal ratio of memory and CPU usage. =20 Signed-off-by: Michael Tremer Tested-by: Daniel Weism=C3=BCller Tested-by: Matthias Fischer commit 1a3323f2e6aa4ebe701f2e61a6829c8bedb7eb10 Author: Daniel Weism=C3=BCller Date: Tue Oct 30 12:06:59 2018 +0100 BUG 11786 - squid: Remove setting for filter processes the number of Squi= d processes =20 I added a function to determine the number of cores. Now the number of squid processes will be equal to the number of logical = cores. Further I removed the possibility of changing the number of squid processes in the proxy.cgi =20 Signed-off-by: Daniel Weism=C3=BCller Signed-off-by: root commit 79b89b90e4b9425e29551bd8ceb8a85cd224c62d Author: Michael Tremer Date: Sat Jan 5 21:12:24 2019 +0000 Revert "core127: Ship updated tar" =20 This reverts commit 9ab1c9302c01f11010d0cb87a66366361465461e. =20 Signed-off-by: Michael Tremer commit d09cb651b5e829db009d5f0bfeb13acf353bc041 Author: Michael Tremer Date: Sat Jan 5 21:11:44 2019 +0000 Revert "tar: Update to 1.31" =20 This reverts commit bb473fd1d6e97785dee70ceb75f9b898f92fc507. =20 tar crashes when used with --no-overwrite-dir. See #11958. =20 Signed-off-by: Michael Tremer commit 0cd3eab3ae87f31e3d928eb2f800e3abaf1896bf Author: Michael Tremer Date: Sat Jan 5 21:11:14 2019 +0000 core127: Ship updated snort =20 Signed-off-by: Michael Tremer commit d01b31914a69c5e1edf9a059b1fd6b8e5a90ec84 Author: Matthias Fischer Date: Sat Jan 5 10:40:08 2019 +0100 snort: Update to 2.9.12 =20 For details see: =20 Release notes: https://snort.org/downloads/snort/release_notes_2.9.12.txt =20 Changelog: https://snort.org/downloads/snort/changelog_2.9.12.txt =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 1338e08d0d10300a279ece4e7b4673b20209679b Author: Arne Fitzenreiter Date: Sun Jan 6 16:29:57 2019 +0100 core127: ship framebuffer.conf blacklist =20 the file is generated at kernel build and in core126 the module commpression was changed to xz so the list was empty. =20 Signed-off-by: Arne Fitzenreiter commit 0708b3b343e5eec032c17157255f5543baf9e8d1 Author: Arne Fitzenreiter Date: Sun Jan 6 15:53:27 2019 +0100 core127: remove double files from armv5tel filelist =20 Signed-off-by: Arne Fitzenreiter commit 5e6f343b7d60abad53248532cd451bb9f81af84c Author: Arne Fitzenreiter Date: Sun Jan 6 15:51:53 2019 +0100 python: update to 2.7.15 =20 Signed-off-by: Arne Fitzenreiter commit b15309e9d14baff65f70b3954ec337944ee1d3bd Author: Arne Fitzenreiter Date: Sat Jan 5 13:47:31 2019 +0100 transmission: update to 2.94 =20 Signed-off-by: Arne Fitzenreiter commit 9ab1c9302c01f11010d0cb87a66366361465461e Author: Michael Tremer Date: Fri Jan 4 02:43:06 2019 +0000 core127: Ship updated tar =20 Signed-off-by: Michael Tremer commit bb473fd1d6e97785dee70ceb75f9b898f92fc507 Author: Matthias Fischer Date: Fri Jan 4 18:54:49 2019 +0100 tar: Update to 1.31 =20 For details see: http://savannah.gnu.org/forum/forum.php?forum_id=3D9344 =20 "- Fix heap-buffer-overrun with --one-top-level. - Support for zstd compression. - The -K option interacts properly with member names given in the command= line. - Fix CVE-2018-20482" =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 7f90513e611040a99422b951884062e14271adc4 Author: Michael Tremer Date: Thu Jan 3 16:28:00 2019 +0000 Update translations =20 Signed-off-by: Michael Tremer commit 1183d50b731d6b276b26fc4d8fc680c483cb6b70 Author: Peter M=C3=BCller Date: Thu Jan 3 17:57:32 2019 +0100 fix SSH port description in WebUI again =20 Fixes #11881. =20 Signed-off-by: Peter M=C3=BCller Signed-off-by: Michael Tremer commit 2aff684f37afc08d6fa4520188e460e888cee2d8 Author: Michael Tremer Date: Thu Jan 3 15:12:39 2019 +0000 libvirt: The package no longer depends on jansson =20 Signed-off-by: Michael Tremer commit 3407695fbcbe525d7bb860f2f796c6947b201b9c Author: St=C3=A9phane Pautrel Date: Thu Jan 3 15:02:53 2019 +0000 Update of French translation =20 This improves the translation and enhances consistency in many places. =20 Signed-off-by: Michael Tremer commit cd309fe6a2f4b319272f94bd448fb17fce23b8fd Author: Michael Tremer Date: Thu Jan 3 14:58:47 2019 +0000 Update translations =20 Signed-off-by: Michael Tremer commit 0a12cd70393d3ee6f64e3d81422212eab55468f9 Author: Matthias Fischer Date: Wed Dec 26 14:37:25 2018 +0100 dnsforward.cgi: fix for language string =20 Hi, =20 In https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommitdiff;h=3D1a26564e= 95b5694337e51860544e7775d35055f3 the language string 'dnsforward forward_server' =3D> 'DNS-Server', was de= leted and replaced by 'dnsforward forward_servers' =3D> 'DNS-Server', =20 IMHO this leads to an empty string in 'dnsforward.cgi', line 223: =20 ... $Lang::tr{'dnsforward forward_server'}:&= nbsp;3D'*' ... =20 I changed this line... =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 6e1aa54da0e172bf931ef13a3e1c7ad6de9b5a20 Author: Matthias Fischer Date: Thu Dec 27 01:57:18 2018 +0100 attr 2.4.47: Update for rootfile =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 34ad12b165639d86f9a9709dc264cbd36c1bd2ca Author: Michael Tremer Date: Thu Jan 3 14:53:34 2019 +0000 core127: Ship updated VPN CGI files =20 Signed-off-by: Michael Tremer commit e6f7f8e7ba0e716acede7f6cadf9a284d115440b Author: Erik Kapfer Date: Thu Jan 3 03:57:16 2019 +0100 database_attribute: Deliver/create index.txt.attr =20 Fixes #11904 =20 Since OpenSSL-1.1.0x the database attribute file for IPSec and OpenVPN wa= sn=C2=B4t created while initial PKI generation. OpenVPN delivered an error message but IPSec did crashed within the first= attempt. This problem persists also after X509 deletion and new generation. =20 index.txt.attr will now be delivered by the system but also deleted and r= ecreated while setting up a new x509. =20 Signed-off-by: Michael Tremer commit 4c83d9fbdcf137c126d0b5ed0935dbe18c9733f3 Author: Matthias Fischer Date: Wed Jan 2 16:43:42 2019 +0100 mc: Update to 4.8.22 =20 For details see: http://midnight-commander.org/wiki/NEWS-4.8.22 =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit cdaad0cdd33e63232fe8939644825619576b6be3 Author: Michael Tremer Date: Wed Jan 2 16:24:39 2019 +0000 libvirt: Bump package version =20 Signed-off-by: Michael Tremer commit c86d893830560165e065cd44ee44f13c2d7e97a7 Author: Matthias Fischer Date: Tue Jan 1 18:39:03 2019 +0100 squid: Update to 4.5 =20 For details see: http://www.squid-cache.org/Versions/v4/changesets/ =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 13827014fcee7d3094529feb2be17513602e5421 Author: Michael Tremer Date: Mon Dec 31 00:36:23 2018 +0000 core127: Ship updated wget =20 Signed-off-by: Michael Tremer commit 49deea707bc6db5683ecc139070d5c83b89b7c48 Author: Matthias Fischer Date: Thu Dec 27 18:16:35 2018 +0100 wget: Update to 1.20.1 =20 This is a bugfix release: =20 "due to some privacy issues in default settings of Wget, we introduce this bugfix release. =20 The --xattr option (saving original URL and Referer into extended file attributes) was introduced and enabled by default since Wget 1.19. It possibly saved - possibly unrecognized by the user - credentials, access tokes etc that were included in the requested URL. =20 We changed three details as a countermeasure, see below in the NEWS secti= on. =20 With Best Regards, Tim =20 ... =20 NEWS =20 * Changes in Wget 1.20.1 =20 ** --xattr is no longer default since it introduces privacy issues. =20 ** --xattr saves the Referer as scheme/host/port, user/pw/path/query/fragment are no longer saved to prevent privacy issues. =20 ** --xattr saves the Original URL without user/password to prevent privacy issues." =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 4c76d08b2a1ef5ac9ff8b546c0d887e342adec1c Author: Arne Fitzenreiter Date: Wed Jan 2 15:33:16 2019 +0100 kernel: fix generation of framebuffer blacklist =20 modules are now xz compressed. =20 Signed-off-by: Arne Fitzenreiter commit 67c9261257542c09407f54280e3b4e764c24ebaa Author: Arne Fitzenreiter Date: Fri Dec 28 16:05:38 2018 +0100 mpd: add soxr dependency =20 Signed-off-by: Arne Fitzenreiter commit f1f40274a095f0c5173a69767d9efa647e9f1a8a Author: Arne Fitzenreiter Date: Sun Dec 23 11:12:15 2018 +0100 u-boot: fix x86 builds =20 Signed-off-by: Arne Fitzenreiter commit e978f0429f7f33d8eb1051b7089962d52b306792 Author: Michael Tremer Date: Wed Dec 19 23:38:48 2018 +0000 keepalived: Fix incorrect path in initscript =20 This path to keepalived was just incorrect and therefore the daemon could not easily be reloaded. =20 Signed-off-by: Michael Tremer commit ae84d3745de4235efbe7cf13e9d8542df916083d Author: Arne Fitzenreiter Date: Thu Dec 20 08:04:22 2018 +0100 u-boot: fix typo in boot.scr =20 fix serial console output on RPi3 B+ at aarch64 =20 Signed-off-by: Arne Fitzenreiter commit 6f1f51ba1c9e211946bb7b829bd7362ff61ecae7 Author: Michael Tremer Date: Wed Dec 19 21:01:20 2018 +0100 core127: Ship DNS forwarding settings =20 Signed-off-by: Michael Tremer commit f33d28978d0014e956fb98c6dc42d79fb1a7d3d6 Author: Michael Tremer Date: Wed Dec 19 21:00:21 2018 +0100 unbound: Use correct parameter for IP addresses and hostnames =20 Signed-off-by: Michael Tremer commit cb8a25e5ec4c045f634ba585012f2edf09e6be29 Author: Michael Tremer Date: Wed Dec 19 20:47:41 2018 +0100 DNS Forwarding: Let UI accept hostnames, too =20 Signed-off-by: Michael Tremer commit 1a26564e95b5694337e51860544e7775d35055f3 Author: Michael Tremer Date: Wed Dec 19 20:42:46 2018 +0100 DNS Forwarding: Allow passing multiple name servers (separated by comma) =20 Signed-off-by: Michael Tremer commit c9ae511ecf3caea0836b06211ca49d3fec4bf6b8 Author: Michael Tremer Date: Wed Dec 19 20:23:59 2018 +0100 unbound: Allow forwarding to multiple servers at the same time =20 Signed-off-by: Michael Tremer commit 086bb132ec3155b9221cee5acf307fabfb7515b6 Author: Michael Tremer Date: Wed Dec 19 18:55:23 2018 +0000 ipvsadm: Update to 1.29 =20 Signed-off-by: Michael Tremer commit 4af8d6964beb8abc822bada4b8dc1474a098514e Author: Michael Tremer Date: Wed Dec 19 15:42:23 2018 +0000 pcre: Enable JIT =20 This is now possible because we no longer run grsecurity-enabled kernels. The performance of PCRE increases dramatically and applications like the IDS benefit hugely: =20 https://blog.inliniac.net/2011/10/12/suricata-and-pcre-performance/ =20 Signed-off-by: Michael Tremer commit 909549b1d6af51a8b18d4fc799370b32bf7861ce Author: Jonatan Schlag Date: Thu Dec 13 17:02:44 2018 +0000 Update libvirt to version 4.10 =20 This partially fixes #11941 as libvirt now states clearly that seccomp needs to be disabled =20 Signed-off-by: Jonatan Schlag Signed-off-by: Michael Tremer commit 452e537092ba0310dab68e5aeaac4c96fbc4a409 Author: Michael Tremer Date: Tue Dec 18 22:32:07 2018 +0000 core127: Ship updated squid =20 Signed-off-by: Michael Tremer commit a2bcb4135bc7b64a54c06f12a0e577830ecf3ebf Author: Matthias Fischer Date: Thu Dec 13 18:40:24 2018 +0100 squid: Update to 4.4 (stable) =20 For details see: http://www.squid-cache.org/Versions/v4/changesets/ =20 In July 2018, 'squid 4' was "released for production use", see: https://wiki.squid-cache.org/Squid-4 =20 "The features have been set and large code changes are reserved for later= versions." =20 I've tested almost all 4.x-versions and patch series before with good res= ults. Right now, 4.4 is running here with no seen problems together with 'squidclamav', 'squidguard' and 'privoxy'. =20 I too would declare this version stable. =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 27801da08916e6826f99c2c51461d53f403aaf5b Author: erik.kapfer Date: Fri Dec 14 12:43:00 2018 +0100 unbound: Add TFO support for unbound =20 For further informations, see https://tools.ietf.org/html/rfc7413 =20 Signed-off-by: erik.kapfer Signed-off-by: Michael Tremer commit cab2314ac41105e678be25ba379f58ec43f2ee9e Author: Matthias Fischer Date: Fri Dec 14 21:20:15 2018 +0100 bind: Update to 9.11.5-P1 =20 For details see: http://ftp.isc.org/isc/bind9/9.11.5-P1/RELEASE-NOTES-bind-9.11.5-P1.html =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit a38eb040bfcad9372bca895029d974b587aa011b Author: Michael Tremer Date: Tue Dec 18 22:28:59 2018 +0000 sqlite: Update to 3.26.0 =20 Signed-off-by: Michael Tremer commit 57c04aa49db6b93dee562477ce9fec5141c787a6 Author: Michael Tremer Date: Sun Dec 16 22:23:50 2018 +0000 Revert "make.sh: Build in ramdisk" =20 This reverts commit 6174b7b1c72cd5141e04ac2621eef90d86987a91. =20 This had absolutely no effect on build time or rather made it slower. So this is being reverted to save ourselves the RAM. =20 Signed-off-by: Michael Tremer commit 6174b7b1c72cd5141e04ac2621eef90d86987a91 Author: Michael Tremer Date: Sun Dec 16 16:50:13 2018 +0000 make.sh: Build in ramdisk =20 This is an experimental change that I want to trial to speed up the nightly builds. The build environment will be mounted in a ramdisk and the build will be performed in there. =20 This will hopefully reduce IO on the (slow) replicated disks. =20 If there is no significant performance gain from this, this commit will be reverted. =20 To enable this, USE_RAMDISK must be set to 1 in .config. =20 Signed-off-by: Michael Tremer commit 53ac9dd222aac232b35d0c1ce453eaf4cacc3419 Author: Matthias Fischer Date: Wed Dec 12 20:41:54 2018 +0100 unbound: Update to 1.8.3 =20 For details see: https://nlnetlabs.nl/svn/unbound/tags/release-1.8.3/doc/Changelog =20 "Fix dns64 allocation in wrong region for returned internal queries." =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit edff2bb85107c411d890b0ad4c55305fd9297566 Author: Michael Tremer Date: Thu Dec 13 13:11:01 2018 +0000 core127: Ship updated grub =20 It doesn't need to be re-installed because no system with that configuration should exist right now. =20 Signed-off-by: Michael Tremer commit 848ac6900974f8ac3718c0ea4febec6e56954823 Author: Stefan Schantl Date: Thu Dec 13 12:52:50 2018 +0100 grub: xfs: Accept filesystem with sparse inodes =20 Signed-off-by: Stefan Schantl Tested-by: Stefan Schantl Signed-off-by: Michael Tremer commit 81e1e80e38609e01f98af649ee38e064420bab3d Author: Michael Tremer Date: Wed Dec 12 11:34:12 2018 +0000 AWS: Prefer red* or eth* when importing configuration =20 This change is necessary to make sure that the script prefers are link with internet access. That would usually be red (after the second boot) or eth* (on the first boot). =20 That allows (and ensures) that we can install packages in the user-data script. =20 Signed-off-by: Michael Tremer commit 58e840bd96d6f7e34d332d8b18c95857ced5ca1d Author: Michael Tremer Date: Tue Dec 11 20:43:24 2018 +0000 installer: Intialize part_boot_efi_idx =20 This variable was not initialized on systems where EFI was not in use. Therefore the generated parted command line was not valid and caused the installation to abort. =20 Signed-off-by: Michael Tremer commit de4f303186927ad1a7a8ff1ec221583d0f8ca047 Author: Michael Tremer Date: Tue Dec 11 19:46:10 2018 +0000 core127: Ship updated unbound =20 Signed-off-by: Michael Tremer commit 707846392ee8108d15095d7bc5ee1f43a967053f Author: Matthias Fischer Date: Sat Dec 8 18:13:23 2018 +0100 unbound: Update to 1.8.2 =20 For details see: https://nlnetlabs.nl/projects/unbound/download/ =20 Best, Matthias =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 5df66de303e799537e73c590ead94950f24f38ca Author: Matthias Fischer Date: Sat Dec 8 18:21:19 2018 +0100 clamav: Update to 0.101.0 =20 For details see: https://blog.clamav.net/ =20 Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 8b02a92fe73e16538940aa030e4bcb389cce7f67 Author: Michael Tremer Date: Tue Dec 11 19:41:31 2018 +0000 core127: Ship updated fireinfo =20 Signed-off-by: Michael Tremer commit 66f7b646cd6bf3a1f34d2ad998caad90f3c6c4fc Author: Michael Tremer Date: Tue Dec 11 19:41:09 2018 +0000 Start Core Update 127 =20 Signed-off-by: Michael Tremer commit 7e17de5f863a96d2f4e67fd27daeade3b1b1d471 Author: Michael Tremer Date: Tue Dec 11 19:38:21 2018 +0000 fireinfo: Add authentication for upstream proxies =20 Signed-off-by: Michael Tremer commit adde1ca8ce1588997936f5b22687525a2e6637b2 Merge: c519be422 ed4bbe44d Author: Arne Fitzenreiter Date: Tue Dec 11 08:01:59 2018 +0100 Merge branch 'master' into next commit c519be42262c629abac86fb251a3f3921d42310d Author: Michael Tremer Date: Mon Dec 10 00:36:04 2018 +0000 haproxy: Create/restore backup when package is installed/uninstalled =20 Fixes: #11946 Signed-off-by: Michael Tremer ----------------------------------------------------------------------- Summary of changes: config/backup/include | 1 + config/cfgroot/general-functions.pl | 7 + config/cfgroot/geoip-functions.pl | 36 ++ config/cfgroot/useragents | 25 -- config/firewall/firewall-lib.pl | 32 +- .../includes/lcdproc =3D> ovpn/certs/index.txt.attr} | 0 config/rootfiles/common/aarch64/initscripts | 4 + config/rootfiles/common/aarch64/linux-initrd | 2 +- config/rootfiles/common/aarch64/python | 43 ++- config/rootfiles/common/armv5tel/initscripts | 4 + config/rootfiles/common/armv5tel/python | 43 ++- config/rootfiles/common/attr | 7 +- config/rootfiles/common/bind | 2 +- config/rootfiles/common/configroot | 2 +- config/rootfiles/common/i586/initscripts | 4 + config/rootfiles/common/i586/python | 43 ++- config/rootfiles/common/openvpn | 1 + .../common/{HTML-Tagset =3D> perl-Net-CIDR-Lite} | 12 +- config/rootfiles/common/squid | 64 ++- config/rootfiles/common/unbound | 2 +- config/rootfiles/common/x86_64/initscripts | 4 + config/rootfiles/common/x86_64/python | 43 ++- config/rootfiles/common/xtables-addons | 2 +- config/rootfiles/core/{126 =3D> 127}/exclude | 0 config/rootfiles/core/127/filelists/aarch64/files | 9 + .../124 =3D> core/127}/filelists/aarch64/grub | 0 config/rootfiles/core/127/filelists/aarch64/python | 1 + .../core/127/filelists/aarch64/xtables-addons-kmod | 18 + .../127/filelists/armv5tel/files} | 0 .../rootfiles/core/127/filelists/armv5tel/python | 1 + .../armv5tel/xtables-addons-kmod-kirkwood | 18 + .../filelists/armv5tel/xtables-addons-kmod-multi | 18 + config/rootfiles/core/127/filelists/files | 20 + .../{oldcore/44 =3D> core/127}/filelists/fireinfo | 0 .../{oldcore/100 =3D> core/127}/filelists/i586/grub | 0 .../112 =3D> core/127}/filelists/i586/python | 0 .../core/127/filelists/i586/xtables-addons-kmod | 18 + .../{oldcore/101 =3D> core/127}/filelists/pcre | 0 .../core/127/filelists/perl-Net-CIDR-Lite | 1 + .../{oldcore/104 =3D> core/127}/filelists/snort | 0 .../{oldcore/125 =3D> core/127}/filelists/sqlite | 0 .../{oldcore/100 =3D> core/127}/filelists/squid | 0 .../{oldcore/121 =3D> core/127}/filelists/tar | 0 .../{oldcore/106 =3D> core/127}/filelists/unbound | 0 .../{oldcore/104 =3D> core/127}/filelists/wget | 0 .../100 =3D> core/127}/filelists/x86_64/grub | 0 .../112 =3D> core/127}/filelists/x86_64/python | 0 .../core/127/filelists/x86_64/xtables-addons-kmod | 18 + .../121 =3D> core/127}/filelists/xtables-addons | 0 .../rootfiles/{oldcore/125 =3D> core/127}/update.sh | 21 +- config/rootfiles/{core =3D> oldcore}/126/exclude | 0 .../{core =3D> oldcore}/126/filelists/aarch64/linux | 0 .../126/filelists/aarch64/linux-initrd | 0 .../126/filelists/armv5tel/linux-initrd-kirkwood | 0 .../126/filelists/armv5tel/linux-initrd-multi | 0 .../126/filelists/armv5tel/linux-kirkwood | 0 .../126/filelists/armv5tel/linux-multi | 0 .../rootfiles/{core =3D> oldcore}/126/filelists/bind | 0 .../{core =3D> oldcore}/126/filelists/files | 0 .../{core =3D> oldcore}/126/filelists/i586/linux | 0 .../126/filelists/i586/linux-initrd | 0 .../{core =3D> oldcore}/126/filelists/libconfig | 0 .../{core =3D> oldcore}/126/filelists/openssl | 0 .../{core =3D> oldcore}/126/filelists/openssl-compat | 0 .../{core =3D> oldcore}/126/filelists/x86_64/linux | 0 .../126/filelists/x86_64/linux-initrd | 0 config/rootfiles/{core =3D> oldcore}/126/update.sh | 0 config/rootfiles/packages/clamav | 15 +- config/rootfiles/packages/libvirt | 397 +++++++++++-------- config/rootfiles/packages/mc | 2 + config/u-boot/boot.cmd | 2 +- config/u-boot/boot.scr | Bin 2463 -> 2463 bytes doc/language_issues.de | 30 +- doc/language_issues.en | 35 +- doc/language_issues.es | 33 +- doc/language_issues.fr | 37 +- doc/language_issues.it | 33 +- doc/language_issues.nl | 33 +- doc/language_issues.pl | 33 +- doc/language_issues.ru | 33 +- doc/language_issues.tr | 33 +- doc/language_missings | 20 +- html/cgi-bin/dnsforward.cgi | 34 +- html/cgi-bin/ids.cgi | 4 +- html/cgi-bin/logs.cgi/log.dat | 2 +- html/cgi-bin/ovpnmain.cgi | 9 + html/cgi-bin/proxy.cgi | 429 ++-----------------= -- html/cgi-bin/vpnmain.cgi | 9 + langs/de/cgi-bin/de.pl | 5 +- langs/en/cgi-bin/en.pl | 5 +- langs/fr/cgi-bin/fr.pl | 242 ++++++------ lfs/bind | 4 +- lfs/clamav | 6 +- lfs/configroot | 3 +- lfs/fireinfo | 1 + lfs/grub | 1 + lfs/haproxy | 2 +- lfs/initscripts | 3 + lfs/ipvsadm | 8 +- lfs/keepalived | 2 +- lfs/libvirt | 8 +- lfs/linux | 8 +- lfs/linux-initrd | 8 +- lfs/mc | 6 +- lfs/mpd | 2 +- lfs/pcre | 2 +- lfs/{perl-Sort-Naturally =3D> perl-Net-CIDR-Lite} | 12 +- lfs/python | 9 +- lfs/python-optional-src | 6 +- lfs/snort | 8 +- lfs/sqlite | 4 +- lfs/squid | 12 +- lfs/tar | 7 +- lfs/transmission | 9 +- lfs/unbound | 6 +- lfs/wget | 4 +- lfs/xtables-addons | 8 +- make.sh | 7 +- src/initscripts/packages/keepalived | 8 +- src/initscripts/system/aws | 3 +- src/initscripts/system/conntrackd | 41 ++ src/initscripts/system/unbound | 20 +- src/installer/hw.c | 4 +- src/paks/haproxy/install.sh | 1 + src/paks/haproxy/uninstall.sh | 1 + ...upport-upstream-proxy-with-authentication.patch | 61 +++ ...-xfs-accept-filesystem-with-sparse-inodes.patch | 60 +++ src/patches/python-2.7.13-getentropy.patch | 22 -- ...tion_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch | 72 ---- ..._memory_leak_when_parsing_SNMP_packet_313.patch | 22 -- ...ch =3D> squid-4.5-fix-max-file-descriptors.patch} | 4 +- src/patches/tar/01_extract.c.patch | 12 + src/patches/transmission-2.92-openssl-1.1.0.patch | 261 ------------- src/scripts/xt_geoip_build | 89 ----- src/scripts/xt_geoip_update | 63 ++- 135 files changed, 1427 insertions(+), 1474 deletions(-) delete mode 100644 config/cfgroot/useragents copy config/{backup/includes/lcdproc =3D> ovpn/certs/index.txt.attr} (100%) copy config/rootfiles/common/{HTML-Tagset =3D> perl-Net-CIDR-Lite} (52%) copy config/rootfiles/core/{126 =3D> 127}/exclude (100%) create mode 100644 config/rootfiles/core/127/filelists/aarch64/files copy config/rootfiles/{oldcore/124 =3D> core/127}/filelists/aarch64/grub (10= 0%) create mode 120000 config/rootfiles/core/127/filelists/aarch64/python create mode 100644 config/rootfiles/core/127/filelists/aarch64/xtables-addon= s-kmod copy config/rootfiles/{oldcore/124/filelists/aarch64/files-aarch64 =3D> core= /127/filelists/armv5tel/files} (100%) create mode 120000 config/rootfiles/core/127/filelists/armv5tel/python create mode 100644 config/rootfiles/core/127/filelists/armv5tel/xtables-addo= ns-kmod-kirkwood create mode 100644 config/rootfiles/core/127/filelists/armv5tel/xtables-addo= ns-kmod-multi create mode 100644 config/rootfiles/core/127/filelists/files copy config/rootfiles/{oldcore/44 =3D> core/127}/filelists/fireinfo (100%) copy config/rootfiles/{oldcore/100 =3D> core/127}/filelists/i586/grub (100%) copy config/rootfiles/{oldcore/112 =3D> core/127}/filelists/i586/python (100= %) create mode 100644 config/rootfiles/core/127/filelists/i586/xtables-addons-k= mod copy config/rootfiles/{oldcore/101 =3D> core/127}/filelists/pcre (100%) create mode 120000 config/rootfiles/core/127/filelists/perl-Net-CIDR-Lite copy config/rootfiles/{oldcore/104 =3D> core/127}/filelists/snort (100%) copy config/rootfiles/{oldcore/125 =3D> core/127}/filelists/sqlite (100%) copy config/rootfiles/{oldcore/100 =3D> core/127}/filelists/squid (100%) copy config/rootfiles/{oldcore/121 =3D> core/127}/filelists/tar (100%) copy config/rootfiles/{oldcore/106 =3D> core/127}/filelists/unbound (100%) copy config/rootfiles/{oldcore/104 =3D> core/127}/filelists/wget (100%) copy config/rootfiles/{oldcore/100 =3D> core/127}/filelists/x86_64/grub (100= %) copy config/rootfiles/{oldcore/112 =3D> core/127}/filelists/x86_64/python (1= 00%) create mode 100644 config/rootfiles/core/127/filelists/x86_64/xtables-addons= -kmod copy config/rootfiles/{oldcore/121 =3D> core/127}/filelists/xtables-addons (= 100%) copy config/rootfiles/{oldcore/125 =3D> core/127}/update.sh (90%) rename config/rootfiles/{core =3D> oldcore}/126/exclude (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/aarch64/linux (100= %) rename config/rootfiles/{core =3D> oldcore}/126/filelists/aarch64/linux-init= rd (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/armv5tel/linux-ini= trd-kirkwood (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/armv5tel/linux-ini= trd-multi (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/armv5tel/linux-kir= kwood (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/armv5tel/linux-mul= ti (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/bind (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/files (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/i586/linux (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/i586/linux-initrd = (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/libconfig (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/openssl (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/openssl-compat (10= 0%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/x86_64/linux (100%) rename config/rootfiles/{core =3D> oldcore}/126/filelists/x86_64/linux-initr= d (100%) rename config/rootfiles/{core =3D> oldcore}/126/update.sh (100%) copy lfs/{perl-Sort-Naturally =3D> perl-Net-CIDR-Lite} (95%) create mode 100755 src/initscripts/system/conntrackd create mode 100644 src/patches/fireinfo-support-upstream-proxy-with-authenti= cation.patch create mode 100644 src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-i= nodes.patch delete mode 100644 src/patches/python-2.7.13-getentropy.patch delete mode 100644 src/patches/squid/01_Certificate_fields_injection_via_D_i= n_ERR_SECURE_CONNECT_FAIL_306.patch delete mode 100644 src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_pa= cket_313.patch rename src/patches/squid/{squid-3.5.28-fix-max-file-descriptors.patch =3D> s= quid-4.5-fix-max-file-descriptors.patch} (92%) create mode 100644 src/patches/tar/01_extract.c.patch delete mode 100644 src/patches/transmission-2.92-openssl-1.1.0.patch delete mode 100644 src/scripts/xt_geoip_build Difference in files: diff --git a/config/backup/include b/config/backup/include index 75bd85807..6c7affa20 100644 --- a/config/backup/include +++ b/config/backup/include @@ -1,3 +1,4 @@ +/etc/conntrackd/conntrackd.conf /etc/group /etc/hosts* /etc/httpd/server.crt diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-fun= ctions.pl index 0577afe28..e8495e885 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -1165,5 +1165,12 @@ sub dnssec_status() { =20 return $status; } +sub number_cpu_cores() { + open my $cpuinfo, "/proc/cpuinfo" or die "Can't open cpuinfo: $!\n"; + my $cores =3D scalar (map /^processor/, <$cpuinfo>); + close $cpuinfo; + + return $cores; +} =20 1; diff --git a/config/cfgroot/geoip-functions.pl b/config/cfgroot/geoip-functio= ns.pl index be50d5e14..d03503a3f 100644 --- a/config/cfgroot/geoip-functions.pl +++ b/config/cfgroot/geoip-functions.pl @@ -26,6 +26,9 @@ package GeoIP; use Geo::IP::PurePerl; use Locale::Codes::Country; =20 +my $geoip_database_dir =3D "/var/lib/GeoIP"; +my $location_database =3D "GeoLite2-Country-Locations-en.csv"; + my $database; =20 sub lookup($) { @@ -117,4 +120,37 @@ sub get_full_country_name($) { return $name; } =20 +# Function to get all available GeoIP locations. +sub get_geoip_locations() { + my @locations; + + # Open the location database. + open(LOCATION, "$geoip_database_dir/$location_database") or die "Could not = open $geoip_database_dir/$location_database. $!\n"; + + # Loop through the file. + while(my $line =3D ) { + # Remove newlines. + chomp($line); + + # Split the line content. + my ($geoname_id, $locale_code, $continent_code, $continent_name, $country_= iso_code, $country_name, $is_in_european_union) =3D split(/\,/, $line); + + # Check if the country_iso_code is upper case. + if($country_iso_code =3D~ /[A-Z]/) { + # Add the current ISO code. + push(@locations, $country_iso_code); + } + } + + # Close filehandle. + close(LOCATION); + + # Sort locations array in alphabetical order. + my @sorted_locations =3D sort(@locations); + + # Return the array.. + return @sorted_locations; +} + + 1; diff --git a/config/cfgroot/useragents b/config/cfgroot/useragents deleted file mode 100644 index d5164fd63..000000000 --- a/config/cfgroot/useragents +++ /dev/null @@ -1,25 +0,0 @@ -APTGET,apt-get,(APT\-HTTP) -AOL,AOL,(AOL) -AVANT,AvantBrowser,(avantbrowser) -CHROME,Chrome,(Chrome) -FIREFOX,Firefox,(Firefox) -FRONTPAGE,FrontPage,(FrontPage) -GEARTH,Google Earth,(kh_lt\/LT) -GECKO,Gecko compatible,(Gecko) -GETRIGHT,GetRight,(GetRight) -GOZILLA,Go!Zilla,(Go!Zilla) -GOOGLE,Google Toolbar,(Google\sToolbar) -JAVA,Java,(Java) -KONQUEROR,Konqueror,(Konqueror) -LIBWWWPERL,libwww-perl,(libwww-perl) -LYNX,Lynx,(Lynx) -MSIE,Internet Explorer,(MSIE.*[)]$) -NETSCAPE,Netscape,(^Mozilla\/4.[7|8])|(Netscape) -OPERA,Opera,(Opera) -SAFARI,Safari,(Safari) -SYMLU,Symantec LiveUpdate,(Symantec\sLiveUpdate) -THUNDERBIRD,Thunderbird,(Thunderbird) -WGA,WGA,(LegitCheck) -WGET,Wget,(Wget) -WINUPD,Windows Update,(Industry\sUpdate\sControl)|(Windows\sUpdate)|(Service= \sPack\sSetup)|(Progressive\sDownload)|(Windows\-Update\-Agent)|(Microsoft\sB= ITS) -WMP,Media Player,(Windows\-Media\-Player)|(NSPlayer) diff --git a/config/firewall/firewall-lib.pl b/config/firewall/firewall-lib.pl index 9b7f55c9d..2820eea65 100644 --- a/config/firewall/firewall-lib.pl +++ b/config/firewall/firewall-lib.pl @@ -39,6 +39,7 @@ my %ovpnsettings=3D(); my %aliases=3D(); =20 require '/var/ipfire/general-functions.pl'; +require '/var/ipfire/geoip-functions.pl'; =20 my $confignet =3D "${General::swroot}/fwhosts/customnetworks"; my $confighost =3D "${General::swroot}/fwhosts/customhosts"; @@ -591,36 +592,7 @@ sub get_internal_firewall_ip_address } =20 sub get_geoip_locations() { - # Path to the directory which contains the binary geoip - # databases. - my $directory=3D"/usr/share/xt_geoip/LE"; - - # Array to store the final country list. - my @country_codes =3D (); - - # Open location and do a directory listing. - opendir(DIR, "$directory"); - my @locations =3D readdir(DIR); - closedir(DIR); - - # Loop through the directory listing, and cut of the file extensions. - foreach my $location (sort @locations) { - # skip . and .. - next if($location =3D~ /^\.$/); - next if($location =3D~ /^\.\.$/); - - # Remove whitespaces. - chomp($location); - - # Cut-off file extension. - my ($country_code, $extension) =3D split(/\./, $location); - - # Add country code to array. - push(@country_codes, $country_code); - } - - # Return final array. - return @country_codes; + return &GeoIP::get_geoip_locations(); } =20 return 1; diff --git a/config/ovpn/certs/index.txt.attr b/config/ovpn/certs/index.txt.a= ttr new file mode 100644 index 000000000..e69de29bb diff --git a/config/rootfiles/common/aarch64/initscripts b/config/rootfiles/c= ommon/aarch64/initscripts index 18adeea21..367a0a725 100644 --- a/config/rootfiles/common/aarch64/initscripts +++ b/config/rootfiles/common/aarch64/initscripts @@ -12,6 +12,7 @@ etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs etc/rc.d/init.d/collectd etc/rc.d/init.d/connectd +etc/rc.d/init.d/conntrackd etc/rc.d/init.d/console etc/rc.d/init.d/dhcp etc/rc.d/init.d/dhcrelay @@ -103,6 +104,7 @@ etc/rc.d/rc0.d/K45random etc/rc.d/rc0.d/K47setclock etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat +etc/rc.d/rc0.d/K77conntrackd etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K79unbound @@ -131,6 +133,7 @@ etc/rc.d/rc3.d/S19smartenabler etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network etc/rc.d/rc3.d/S21leds +etc/rc.d/rc3.d/S22conntrackd etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S30sshd etc/rc.d/rc3.d/S32apache @@ -154,6 +157,7 @@ etc/rc.d/rc6.d/K45random etc/rc.d/rc6.d/K47setclock etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat +etc/rc.d/rc6.d/K77conntrackd etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K79unbound diff --git a/config/rootfiles/common/aarch64/linux-initrd b/config/rootfiles/= common/aarch64/linux-initrd index a5a0da72e..8abbf654a 100644 --- a/config/rootfiles/common/aarch64/linux-initrd +++ b/config/rootfiles/common/aarch64/linux-initrd @@ -1,2 +1,2 @@ -#boot/uInit-KVER-ipfire +boot/uInit-KVER-ipfire boot/initramfs-KVER-ipfire.img diff --git a/config/rootfiles/common/aarch64/python b/config/rootfiles/common= /aarch64/python index 463dfed8f..3259a241b 100644 --- a/config/rootfiles/common/aarch64/python +++ b/config/rootfiles/common/aarch64/python @@ -1463,8 +1463,8 @@ usr/lib/python2.7/encodings/zlib_codec.pyc #usr/lib/python2.7/ensurepip/__main__.pyc #usr/lib/python2.7/ensurepip/__main__.pyo #usr/lib/python2.7/ensurepip/_bundled -#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl -#usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl #usr/lib/python2.7/ensurepip/_uninstall.py #usr/lib/python2.7/ensurepip/_uninstall.pyc #usr/lib/python2.7/ensurepip/_uninstall.pyo @@ -1926,7 +1926,7 @@ usr/lib/python2.7/json/tool.pyc usr/lib/python2.7/keyword.pyc #usr/lib/python2.7/keyword.pyo #usr/lib/python2.7/lib-dynload -#usr/lib/python2.7/lib-dynload/Python-2.7.13-py2.7.egg-info +#usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info usr/lib/python2.7/lib-dynload/_bisect.so usr/lib/python2.7/lib-dynload/_bsddb.so usr/lib/python2.7/lib-dynload/_codecs_cn.so @@ -2100,9 +2100,9 @@ usr/lib/python2.7/lib-dynload/zlib.so #usr/lib/python2.7/lib-tk/turtle.pyo #usr/lib/python2.7/lib2to3 #usr/lib/python2.7/lib2to3/Grammar.txt -#usr/lib/python2.7/lib2to3/Grammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/PatternGrammar.txt -#usr/lib/python2.7/lib2to3/PatternGrammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/__init__.py #usr/lib/python2.7/lib2to3/__init__.pyc #usr/lib/python2.7/lib2to3/__init__.pyo @@ -2752,6 +2752,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/__init__.py #usr/lib/python2.7/test/__init__.pyc #usr/lib/python2.7/test/__init__.pyo +#usr/lib/python2.7/test/__main__.py +#usr/lib/python2.7/test/__main__.pyc +#usr/lib/python2.7/test/__main__.pyo #usr/lib/python2.7/test/_mock_backport.py #usr/lib/python2.7/test/_mock_backport.pyc #usr/lib/python2.7/test/_mock_backport.pyo @@ -2790,6 +2793,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/badsyntax_future8.py #usr/lib/python2.7/test/badsyntax_future9.py #usr/lib/python2.7/test/badsyntax_nocaret.py +#usr/lib/python2.7/test/bisect.py +#usr/lib/python2.7/test/bisect.pyc +#usr/lib/python2.7/test/bisect.pyo #usr/lib/python2.7/test/capath #usr/lib/python2.7/test/capath/0e4015b9.0 #usr/lib/python2.7/test/capath/4e1295a3.0 @@ -3040,6 +3046,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/mp_fork_bomb.py #usr/lib/python2.7/test/mp_fork_bomb.pyc #usr/lib/python2.7/test/mp_fork_bomb.pyo +#usr/lib/python2.7/test/multibytecodec_support.py +#usr/lib/python2.7/test/multibytecodec_support.pyc +#usr/lib/python2.7/test/multibytecodec_support.pyo #usr/lib/python2.7/test/nokia.pem #usr/lib/python2.7/test/nullbytecert.pem #usr/lib/python2.7/test/nullcert.pem @@ -3065,6 +3074,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/pystone.py #usr/lib/python2.7/test/pystone.pyc #usr/lib/python2.7/test/pystone.pyo +#usr/lib/python2.7/test/pythoninfo.py +#usr/lib/python2.7/test/pythoninfo.pyc +#usr/lib/python2.7/test/pythoninfo.pyo #usr/lib/python2.7/test/randv2_32.pck #usr/lib/python2.7/test/randv2_64.pck #usr/lib/python2.7/test/randv3.pck @@ -3098,7 +3110,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/seq_tests.pyc #usr/lib/python2.7/test/seq_tests.pyo #usr/lib/python2.7/test/sgml_input.html -#usr/lib/python2.7/test/sha256.pem #usr/lib/python2.7/test/sortperf.py #usr/lib/python2.7/test/sortperf.pyc #usr/lib/python2.7/test/sortperf.pyo @@ -3118,6 +3129,13 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.py #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyo +#usr/lib/python2.7/test/support +#usr/lib/python2.7/test/support/__init__.py +#usr/lib/python2.7/test/support/__init__.pyc +#usr/lib/python2.7/test/support/__init__.pyo +#usr/lib/python2.7/test/support/script_helper.py +#usr/lib/python2.7/test/support/script_helper.pyc +#usr/lib/python2.7/test/support/script_helper.pyo #usr/lib/python2.7/test/symlink_support.py #usr/lib/python2.7/test/symlink_support.pyc #usr/lib/python2.7/test/symlink_support.pyo @@ -3663,6 +3681,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_import.py #usr/lib/python2.7/test/test_import.pyc #usr/lib/python2.7/test/test_import.pyo +#usr/lib/python2.7/test/test_import_magic.py +#usr/lib/python2.7/test/test_import_magic.pyc +#usr/lib/python2.7/test/test_import_magic.pyo #usr/lib/python2.7/test/test_importhooks.py #usr/lib/python2.7/test/test_importhooks.pyc #usr/lib/python2.7/test/test_importhooks.pyo @@ -3792,9 +3813,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_multibytecodec.py #usr/lib/python2.7/test/test_multibytecodec.pyc #usr/lib/python2.7/test/test_multibytecodec.pyo -#usr/lib/python2.7/test/test_multibytecodec_support.py -#usr/lib/python2.7/test/test_multibytecodec_support.pyc -#usr/lib/python2.7/test/test_multibytecodec_support.pyo #usr/lib/python2.7/test/test_multifile.py #usr/lib/python2.7/test/test_multifile.pyc #usr/lib/python2.7/test/test_multifile.pyo @@ -3963,6 +3981,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_readline.py #usr/lib/python2.7/test/test_readline.pyc #usr/lib/python2.7/test/test_readline.pyo +#usr/lib/python2.7/test/test_regrtest.py +#usr/lib/python2.7/test/test_regrtest.pyc +#usr/lib/python2.7/test/test_regrtest.pyo #usr/lib/python2.7/test/test_repr.py #usr/lib/python2.7/test/test_repr.pyc #usr/lib/python2.7/test/test_repr.pyo @@ -4140,6 +4161,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_tempfile.py #usr/lib/python2.7/test/test_tempfile.pyc #usr/lib/python2.7/test/test_tempfile.pyo +#usr/lib/python2.7/test/test_test_support.py +#usr/lib/python2.7/test/test_test_support.pyc +#usr/lib/python2.7/test/test_test_support.pyo #usr/lib/python2.7/test/test_textwrap.py #usr/lib/python2.7/test/test_textwrap.pyc #usr/lib/python2.7/test/test_textwrap.pyo @@ -4373,6 +4397,7 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/win_console_handler.pyo #usr/lib/python2.7/test/wrongcert.pem #usr/lib/python2.7/test/xmltestdata +#usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml #usr/lib/python2.7/test/xmltestdata/simple-ns.xml #usr/lib/python2.7/test/xmltestdata/simple.xml #usr/lib/python2.7/test/xmltestdata/test.xml diff --git a/config/rootfiles/common/armv5tel/initscripts b/config/rootfiles/= common/armv5tel/initscripts index 18adeea21..367a0a725 100644 --- a/config/rootfiles/common/armv5tel/initscripts +++ b/config/rootfiles/common/armv5tel/initscripts @@ -12,6 +12,7 @@ etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs etc/rc.d/init.d/collectd etc/rc.d/init.d/connectd +etc/rc.d/init.d/conntrackd etc/rc.d/init.d/console etc/rc.d/init.d/dhcp etc/rc.d/init.d/dhcrelay @@ -103,6 +104,7 @@ etc/rc.d/rc0.d/K45random etc/rc.d/rc0.d/K47setclock etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat +etc/rc.d/rc0.d/K77conntrackd etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K79unbound @@ -131,6 +133,7 @@ etc/rc.d/rc3.d/S19smartenabler etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network etc/rc.d/rc3.d/S21leds +etc/rc.d/rc3.d/S22conntrackd etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S30sshd etc/rc.d/rc3.d/S32apache @@ -154,6 +157,7 @@ etc/rc.d/rc6.d/K45random etc/rc.d/rc6.d/K47setclock etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat +etc/rc.d/rc6.d/K77conntrackd etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K79unbound diff --git a/config/rootfiles/common/armv5tel/python b/config/rootfiles/commo= n/armv5tel/python index 9248201f9..586755c9b 100644 --- a/config/rootfiles/common/armv5tel/python +++ b/config/rootfiles/common/armv5tel/python @@ -1463,8 +1463,8 @@ usr/lib/python2.7/encodings/zlib_codec.pyc #usr/lib/python2.7/ensurepip/__main__.pyc #usr/lib/python2.7/ensurepip/__main__.pyo #usr/lib/python2.7/ensurepip/_bundled -#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl -#usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl #usr/lib/python2.7/ensurepip/_uninstall.py #usr/lib/python2.7/ensurepip/_uninstall.pyc #usr/lib/python2.7/ensurepip/_uninstall.pyo @@ -1926,7 +1926,7 @@ usr/lib/python2.7/json/tool.pyc usr/lib/python2.7/keyword.pyc #usr/lib/python2.7/keyword.pyo #usr/lib/python2.7/lib-dynload -#usr/lib/python2.7/lib-dynload/Python-2.7.13-py2.7.egg-info +#usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info usr/lib/python2.7/lib-dynload/_bisect.so usr/lib/python2.7/lib-dynload/_bsddb.so usr/lib/python2.7/lib-dynload/_codecs_cn.so @@ -2102,9 +2102,9 @@ usr/lib/python2.7/lib-dynload/zlib.so #usr/lib/python2.7/lib-tk/turtle.pyo #usr/lib/python2.7/lib2to3 #usr/lib/python2.7/lib2to3/Grammar.txt -#usr/lib/python2.7/lib2to3/Grammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/PatternGrammar.txt -#usr/lib/python2.7/lib2to3/PatternGrammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/__init__.py #usr/lib/python2.7/lib2to3/__init__.pyc #usr/lib/python2.7/lib2to3/__init__.pyo @@ -2754,6 +2754,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/__init__.py #usr/lib/python2.7/test/__init__.pyc #usr/lib/python2.7/test/__init__.pyo +#usr/lib/python2.7/test/__main__.py +#usr/lib/python2.7/test/__main__.pyc +#usr/lib/python2.7/test/__main__.pyo #usr/lib/python2.7/test/_mock_backport.py #usr/lib/python2.7/test/_mock_backport.pyc #usr/lib/python2.7/test/_mock_backport.pyo @@ -2792,6 +2795,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/badsyntax_future8.py #usr/lib/python2.7/test/badsyntax_future9.py #usr/lib/python2.7/test/badsyntax_nocaret.py +#usr/lib/python2.7/test/bisect.py +#usr/lib/python2.7/test/bisect.pyc +#usr/lib/python2.7/test/bisect.pyo #usr/lib/python2.7/test/capath #usr/lib/python2.7/test/capath/0e4015b9.0 #usr/lib/python2.7/test/capath/4e1295a3.0 @@ -3042,6 +3048,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/mp_fork_bomb.py #usr/lib/python2.7/test/mp_fork_bomb.pyc #usr/lib/python2.7/test/mp_fork_bomb.pyo +#usr/lib/python2.7/test/multibytecodec_support.py +#usr/lib/python2.7/test/multibytecodec_support.pyc +#usr/lib/python2.7/test/multibytecodec_support.pyo #usr/lib/python2.7/test/nokia.pem #usr/lib/python2.7/test/nullbytecert.pem #usr/lib/python2.7/test/nullcert.pem @@ -3067,6 +3076,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/pystone.py #usr/lib/python2.7/test/pystone.pyc #usr/lib/python2.7/test/pystone.pyo +#usr/lib/python2.7/test/pythoninfo.py +#usr/lib/python2.7/test/pythoninfo.pyc +#usr/lib/python2.7/test/pythoninfo.pyo #usr/lib/python2.7/test/randv2_32.pck #usr/lib/python2.7/test/randv2_64.pck #usr/lib/python2.7/test/randv3.pck @@ -3100,7 +3112,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/seq_tests.pyc #usr/lib/python2.7/test/seq_tests.pyo #usr/lib/python2.7/test/sgml_input.html -#usr/lib/python2.7/test/sha256.pem #usr/lib/python2.7/test/sortperf.py #usr/lib/python2.7/test/sortperf.pyc #usr/lib/python2.7/test/sortperf.pyo @@ -3120,6 +3131,13 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.py #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyo +#usr/lib/python2.7/test/support +#usr/lib/python2.7/test/support/__init__.py +#usr/lib/python2.7/test/support/__init__.pyc +#usr/lib/python2.7/test/support/__init__.pyo +#usr/lib/python2.7/test/support/script_helper.py +#usr/lib/python2.7/test/support/script_helper.pyc +#usr/lib/python2.7/test/support/script_helper.pyo #usr/lib/python2.7/test/symlink_support.py #usr/lib/python2.7/test/symlink_support.pyc #usr/lib/python2.7/test/symlink_support.pyo @@ -3665,6 +3683,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_import.py #usr/lib/python2.7/test/test_import.pyc #usr/lib/python2.7/test/test_import.pyo +#usr/lib/python2.7/test/test_import_magic.py +#usr/lib/python2.7/test/test_import_magic.pyc +#usr/lib/python2.7/test/test_import_magic.pyo #usr/lib/python2.7/test/test_importhooks.py #usr/lib/python2.7/test/test_importhooks.pyc #usr/lib/python2.7/test/test_importhooks.pyo @@ -3794,9 +3815,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_multibytecodec.py #usr/lib/python2.7/test/test_multibytecodec.pyc #usr/lib/python2.7/test/test_multibytecodec.pyo -#usr/lib/python2.7/test/test_multibytecodec_support.py -#usr/lib/python2.7/test/test_multibytecodec_support.pyc -#usr/lib/python2.7/test/test_multibytecodec_support.pyo #usr/lib/python2.7/test/test_multifile.py #usr/lib/python2.7/test/test_multifile.pyc #usr/lib/python2.7/test/test_multifile.pyo @@ -3965,6 +3983,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_readline.py #usr/lib/python2.7/test/test_readline.pyc #usr/lib/python2.7/test/test_readline.pyo +#usr/lib/python2.7/test/test_regrtest.py +#usr/lib/python2.7/test/test_regrtest.pyc +#usr/lib/python2.7/test/test_regrtest.pyo #usr/lib/python2.7/test/test_repr.py #usr/lib/python2.7/test/test_repr.pyc #usr/lib/python2.7/test/test_repr.pyo @@ -4142,6 +4163,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_tempfile.py #usr/lib/python2.7/test/test_tempfile.pyc #usr/lib/python2.7/test/test_tempfile.pyo +#usr/lib/python2.7/test/test_test_support.py +#usr/lib/python2.7/test/test_test_support.pyc +#usr/lib/python2.7/test/test_test_support.pyo #usr/lib/python2.7/test/test_textwrap.py #usr/lib/python2.7/test/test_textwrap.pyc #usr/lib/python2.7/test/test_textwrap.pyo @@ -4375,6 +4399,7 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/win_console_handler.pyo #usr/lib/python2.7/test/wrongcert.pem #usr/lib/python2.7/test/xmltestdata +#usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml #usr/lib/python2.7/test/xmltestdata/simple-ns.xml #usr/lib/python2.7/test/xmltestdata/simple.xml #usr/lib/python2.7/test/xmltestdata/test.xml diff --git a/config/rootfiles/common/attr b/config/rootfiles/common/attr index e8c2055fb..edfefa7e1 100644 --- a/config/rootfiles/common/attr +++ b/config/rootfiles/common/attr @@ -28,15 +28,18 @@ usr/lib/libattr.so.1.1.0 #usr/share/man/man1/attr.1 #usr/share/man/man1/getfattr.1 #usr/share/man/man1/setfattr.1 +#usr/share/man/man2/fgetxattr.2 #usr/share/man/man2/flistxattr.2 #usr/share/man/man2/fremovexattr.2 #usr/share/man/man2/fsetxattr.2 #usr/share/man/man2/getxattr.2 -#usr/share/man/man2/setxattr.2 +#usr/share/man/man2/lgetxattr.2 +#usr/share/man/man2/listxattr.2 #usr/share/man/man2/llistxattr.2 #usr/share/man/man2/lremovexattr.2 -#usr/share/man/man2/removexattr.2 #usr/share/man/man2/lsetxattr.2 +#usr/share/man/man2/removexattr.2 +#usr/share/man/man2/setxattr.2 #usr/share/man/man3/attr_get.3 #usr/share/man/man3/attr_getf.3 #usr/share/man/man3/attr_list.3 diff --git a/config/rootfiles/common/bind b/config/rootfiles/common/bind index 7ddfab332..bbe0e0741 100644 --- a/config/rootfiles/common/bind +++ b/config/rootfiles/common/bind @@ -270,7 +270,7 @@ usr/lib/libbind9.so.161.0.0 #usr/lib/libdns.la #usr/lib/libdns.so usr/lib/libdns.so.1104 -usr/lib/libdns.so.1104.0.0 +usr/lib/libdns.so.1104.0.1 #usr/lib/libisc.la #usr/lib/libisc.so usr/lib/libisc.so.1100 diff --git a/config/rootfiles/common/configroot b/config/rootfiles/common/con= figroot index c72768165..fa18a0525 100644 --- a/config/rootfiles/common/configroot +++ b/config/rootfiles/common/configroot @@ -19,6 +19,7 @@ var/ipfire/captive/settings var/ipfire/captive/voucher_out var/ipfire/certs #var/ipfire/certs/index.txt +var/ipfire/certs/index.txt.attr #var/ipfire/certs/serial var/ipfire/connscheduler #var/ipfire/connscheduler/connscheduler.conf @@ -150,7 +151,6 @@ var/ipfire/proxy #var/ipfire/proxy/advanced/cre #var/ipfire/proxy/advanced/cre/enable #var/ipfire/proxy/advanced/settings -#var/ipfire/proxy/advanced/useragents #var/ipfire/proxy/calamaris #var/ipfire/proxy/calamaris/bin #var/ipfire/proxy/settings diff --git a/config/rootfiles/common/i586/initscripts b/config/rootfiles/comm= on/i586/initscripts index 7b2c1c5f4..6f9868ec3 100644 --- a/config/rootfiles/common/i586/initscripts +++ b/config/rootfiles/common/i586/initscripts @@ -12,6 +12,7 @@ etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs etc/rc.d/init.d/collectd etc/rc.d/init.d/connectd +etc/rc.d/init.d/conntrackd etc/rc.d/init.d/console etc/rc.d/init.d/dhcp etc/rc.d/init.d/dhcrelay @@ -102,6 +103,7 @@ etc/rc.d/rc0.d/K45random etc/rc.d/rc0.d/K47setclock etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat +etc/rc.d/rc0.d/K77conntrackd etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K79unbound @@ -130,6 +132,7 @@ etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network etc/rc.d/rc3.d/S11unbound etc/rc.d/rc3.d/S21leds +etc/rc.d/rc3.d/S22conntrackd etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S30sshd etc/rc.d/rc3.d/S32apache @@ -153,6 +156,7 @@ etc/rc.d/rc6.d/K45random etc/rc.d/rc6.d/K47setclock etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat +etc/rc.d/rc6.d/K77conntrackd etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K79unbound diff --git a/config/rootfiles/common/i586/python b/config/rootfiles/common/i5= 86/python index 9248201f9..586755c9b 100644 --- a/config/rootfiles/common/i586/python +++ b/config/rootfiles/common/i586/python @@ -1463,8 +1463,8 @@ usr/lib/python2.7/encodings/zlib_codec.pyc #usr/lib/python2.7/ensurepip/__main__.pyc #usr/lib/python2.7/ensurepip/__main__.pyo #usr/lib/python2.7/ensurepip/_bundled -#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl -#usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl #usr/lib/python2.7/ensurepip/_uninstall.py #usr/lib/python2.7/ensurepip/_uninstall.pyc #usr/lib/python2.7/ensurepip/_uninstall.pyo @@ -1926,7 +1926,7 @@ usr/lib/python2.7/json/tool.pyc usr/lib/python2.7/keyword.pyc #usr/lib/python2.7/keyword.pyo #usr/lib/python2.7/lib-dynload -#usr/lib/python2.7/lib-dynload/Python-2.7.13-py2.7.egg-info +#usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info usr/lib/python2.7/lib-dynload/_bisect.so usr/lib/python2.7/lib-dynload/_bsddb.so usr/lib/python2.7/lib-dynload/_codecs_cn.so @@ -2102,9 +2102,9 @@ usr/lib/python2.7/lib-dynload/zlib.so #usr/lib/python2.7/lib-tk/turtle.pyo #usr/lib/python2.7/lib2to3 #usr/lib/python2.7/lib2to3/Grammar.txt -#usr/lib/python2.7/lib2to3/Grammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/PatternGrammar.txt -#usr/lib/python2.7/lib2to3/PatternGrammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/__init__.py #usr/lib/python2.7/lib2to3/__init__.pyc #usr/lib/python2.7/lib2to3/__init__.pyo @@ -2754,6 +2754,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/__init__.py #usr/lib/python2.7/test/__init__.pyc #usr/lib/python2.7/test/__init__.pyo +#usr/lib/python2.7/test/__main__.py +#usr/lib/python2.7/test/__main__.pyc +#usr/lib/python2.7/test/__main__.pyo #usr/lib/python2.7/test/_mock_backport.py #usr/lib/python2.7/test/_mock_backport.pyc #usr/lib/python2.7/test/_mock_backport.pyo @@ -2792,6 +2795,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/badsyntax_future8.py #usr/lib/python2.7/test/badsyntax_future9.py #usr/lib/python2.7/test/badsyntax_nocaret.py +#usr/lib/python2.7/test/bisect.py +#usr/lib/python2.7/test/bisect.pyc +#usr/lib/python2.7/test/bisect.pyo #usr/lib/python2.7/test/capath #usr/lib/python2.7/test/capath/0e4015b9.0 #usr/lib/python2.7/test/capath/4e1295a3.0 @@ -3042,6 +3048,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/mp_fork_bomb.py #usr/lib/python2.7/test/mp_fork_bomb.pyc #usr/lib/python2.7/test/mp_fork_bomb.pyo +#usr/lib/python2.7/test/multibytecodec_support.py +#usr/lib/python2.7/test/multibytecodec_support.pyc +#usr/lib/python2.7/test/multibytecodec_support.pyo #usr/lib/python2.7/test/nokia.pem #usr/lib/python2.7/test/nullbytecert.pem #usr/lib/python2.7/test/nullcert.pem @@ -3067,6 +3076,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/pystone.py #usr/lib/python2.7/test/pystone.pyc #usr/lib/python2.7/test/pystone.pyo +#usr/lib/python2.7/test/pythoninfo.py +#usr/lib/python2.7/test/pythoninfo.pyc +#usr/lib/python2.7/test/pythoninfo.pyo #usr/lib/python2.7/test/randv2_32.pck #usr/lib/python2.7/test/randv2_64.pck #usr/lib/python2.7/test/randv3.pck @@ -3100,7 +3112,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/seq_tests.pyc #usr/lib/python2.7/test/seq_tests.pyo #usr/lib/python2.7/test/sgml_input.html -#usr/lib/python2.7/test/sha256.pem #usr/lib/python2.7/test/sortperf.py #usr/lib/python2.7/test/sortperf.pyc #usr/lib/python2.7/test/sortperf.pyo @@ -3120,6 +3131,13 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.py #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyo +#usr/lib/python2.7/test/support +#usr/lib/python2.7/test/support/__init__.py +#usr/lib/python2.7/test/support/__init__.pyc +#usr/lib/python2.7/test/support/__init__.pyo +#usr/lib/python2.7/test/support/script_helper.py +#usr/lib/python2.7/test/support/script_helper.pyc +#usr/lib/python2.7/test/support/script_helper.pyo #usr/lib/python2.7/test/symlink_support.py #usr/lib/python2.7/test/symlink_support.pyc #usr/lib/python2.7/test/symlink_support.pyo @@ -3665,6 +3683,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_import.py #usr/lib/python2.7/test/test_import.pyc #usr/lib/python2.7/test/test_import.pyo +#usr/lib/python2.7/test/test_import_magic.py +#usr/lib/python2.7/test/test_import_magic.pyc +#usr/lib/python2.7/test/test_import_magic.pyo #usr/lib/python2.7/test/test_importhooks.py #usr/lib/python2.7/test/test_importhooks.pyc #usr/lib/python2.7/test/test_importhooks.pyo @@ -3794,9 +3815,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_multibytecodec.py #usr/lib/python2.7/test/test_multibytecodec.pyc #usr/lib/python2.7/test/test_multibytecodec.pyo -#usr/lib/python2.7/test/test_multibytecodec_support.py -#usr/lib/python2.7/test/test_multibytecodec_support.pyc -#usr/lib/python2.7/test/test_multibytecodec_support.pyo #usr/lib/python2.7/test/test_multifile.py #usr/lib/python2.7/test/test_multifile.pyc #usr/lib/python2.7/test/test_multifile.pyo @@ -3965,6 +3983,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_readline.py #usr/lib/python2.7/test/test_readline.pyc #usr/lib/python2.7/test/test_readline.pyo +#usr/lib/python2.7/test/test_regrtest.py +#usr/lib/python2.7/test/test_regrtest.pyc +#usr/lib/python2.7/test/test_regrtest.pyo #usr/lib/python2.7/test/test_repr.py #usr/lib/python2.7/test/test_repr.pyc #usr/lib/python2.7/test/test_repr.pyo @@ -4142,6 +4163,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_tempfile.py #usr/lib/python2.7/test/test_tempfile.pyc #usr/lib/python2.7/test/test_tempfile.pyo +#usr/lib/python2.7/test/test_test_support.py +#usr/lib/python2.7/test/test_test_support.pyc +#usr/lib/python2.7/test/test_test_support.pyo #usr/lib/python2.7/test/test_textwrap.py #usr/lib/python2.7/test/test_textwrap.pyc #usr/lib/python2.7/test/test_textwrap.pyo @@ -4375,6 +4399,7 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/win_console_handler.pyo #usr/lib/python2.7/test/wrongcert.pem #usr/lib/python2.7/test/xmltestdata +#usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml #usr/lib/python2.7/test/xmltestdata/simple-ns.xml #usr/lib/python2.7/test/xmltestdata/simple.xml #usr/lib/python2.7/test/xmltestdata/test.xml diff --git a/config/rootfiles/common/openvpn b/config/rootfiles/common/openvpn index 131d79873..547842db3 100644 --- a/config/rootfiles/common/openvpn +++ b/config/rootfiles/common/openvpn @@ -25,6 +25,7 @@ var/ipfire/ovpn/caconfig var/ipfire/ovpn/ccd #var/ipfire/ovpn/certs var/ipfire/ovpn/certs/index.txt +var/ipfire/ovpn/certs/index.txt.attr var/ipfire/ovpn/certs/serial var/ipfire/ovpn/crls var/ipfire/ovpn/n2nconf diff --git a/config/rootfiles/common/perl-Net-CIDR-Lite b/config/rootfiles/co= mmon/perl-Net-CIDR-Lite new file mode 100644 index 000000000..691a7693f --- /dev/null +++ b/config/rootfiles/common/perl-Net-CIDR-Lite @@ -0,0 +1,6 @@ +#usr/lib/perl5/site_perl/5.12.3/Net/CIDR +usr/lib/perl5/site_perl/5.12.3/Net/CIDR/Lite.pm +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Net/CIDR +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Net/CIDR/Lite +#usr/lib/perl5/site_perl/5.12.3/MACHINE-linux-thread-multi/auto/Net/CIDR/Lit= e/.packlist +#usr/share/man/man3/Net::CIDR::Lite.3 diff --git a/config/rootfiles/common/squid b/config/rootfiles/common/squid index 4e8259a6d..6c8998f93 100644 --- a/config/rootfiles/common/squid +++ b/config/rootfiles/common/squid @@ -20,7 +20,6 @@ usr/lib/squid/basic_db_auth usr/lib/squid/basic_fake_auth usr/lib/squid/basic_getpwnam_auth usr/lib/squid/basic_ldap_auth -usr/lib/squid/basic_msnt_multi_domain_auth usr/lib/squid/basic_ncsa_auth usr/lib/squid/basic_nis_auth usr/lib/squid/basic_pam_auth @@ -29,7 +28,6 @@ usr/lib/squid/basic_radius_auth usr/lib/squid/basic_sasl_auth usr/lib/squid/basic_smb_auth usr/lib/squid/basic_smb_auth.sh -usr/lib/squid/basic_smb_lm_auth #usr/lib/squid/cachemgr.cgi usr/lib/squid/digest_edirectory_auth usr/lib/squid/digest_file_auth @@ -69,6 +67,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/af/ERR_NO_RELAY #usr/lib/squid/errors/af/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/af/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/af/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/af/ERR_READ_ERROR #usr/lib/squid/errors/af/ERR_READ_TIMEOUT #usr/lib/squid/errors/af/ERR_SECURE_CONNECT_FAIL @@ -128,6 +127,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/ar/ERR_NO_RELAY #usr/lib/squid/errors/ar/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ar/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ar/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ar/ERR_READ_ERROR #usr/lib/squid/errors/ar/ERR_READ_TIMEOUT #usr/lib/squid/errors/ar/ERR_SECURE_CONNECT_FAIL @@ -172,6 +172,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/az/ERR_NO_RELAY #usr/lib/squid/errors/az/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/az/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/az/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/az/ERR_READ_ERROR #usr/lib/squid/errors/az/ERR_READ_TIMEOUT #usr/lib/squid/errors/az/ERR_SECURE_CONNECT_FAIL @@ -216,6 +217,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/bg/ERR_NO_RELAY #usr/lib/squid/errors/bg/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/bg/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/bg/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/bg/ERR_READ_ERROR #usr/lib/squid/errors/bg/ERR_READ_TIMEOUT #usr/lib/squid/errors/bg/ERR_SECURE_CONNECT_FAIL @@ -229,6 +231,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/bg/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/bg/error-details.txt #usr/lib/squid/errors/ca +#usr/lib/squid/errors/ca-es #usr/lib/squid/errors/ca/ERR_ACCESS_DENIED #usr/lib/squid/errors/ca/ERR_ACL_TIME_QUOTA_EXCEEDED #usr/lib/squid/errors/ca/ERR_AGENT_CONFIGURE @@ -259,6 +262,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/ca/ERR_NO_RELAY #usr/lib/squid/errors/ca/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ca/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ca/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ca/ERR_READ_ERROR #usr/lib/squid/errors/ca/ERR_READ_TIMEOUT #usr/lib/squid/errors/ca/ERR_SECURE_CONNECT_FAIL @@ -303,6 +307,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/cs/ERR_NO_RELAY #usr/lib/squid/errors/cs/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/cs/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/cs/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/cs/ERR_READ_ERROR #usr/lib/squid/errors/cs/ERR_READ_TIMEOUT #usr/lib/squid/errors/cs/ERR_SECURE_CONNECT_FAIL @@ -347,6 +352,7 @@ usr/lib/squid/diskd #usr/lib/squid/errors/da/ERR_NO_RELAY #usr/lib/squid/errors/da/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/da/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/da/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/da/ERR_READ_ERROR #usr/lib/squid/errors/da/ERR_READ_TIMEOUT #usr/lib/squid/errors/da/ERR_SECURE_CONNECT_FAIL @@ -395,6 +401,7 @@ usr/lib/squid/errors/de/ERR_LIFETIME_EXP usr/lib/squid/errors/de/ERR_NO_RELAY usr/lib/squid/errors/de/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/de/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/de/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/de/ERR_READ_ERROR usr/lib/squid/errors/de/ERR_READ_TIMEOUT usr/lib/squid/errors/de/ERR_SECURE_CONNECT_FAIL @@ -439,6 +446,7 @@ usr/lib/squid/errors/de/error-details.txt #usr/lib/squid/errors/el/ERR_NO_RELAY #usr/lib/squid/errors/el/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/el/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/el/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/el/ERR_READ_ERROR #usr/lib/squid/errors/el/ERR_READ_TIMEOUT #usr/lib/squid/errors/el/ERR_SECURE_CONNECT_FAIL @@ -455,6 +463,7 @@ usr/lib/squid/errors/de/error-details.txt #usr/lib/squid/errors/en-au #usr/lib/squid/errors/en-bz #usr/lib/squid/errors/en-ca +#usr/lib/squid/errors/en-cn #usr/lib/squid/errors/en-gb #usr/lib/squid/errors/en-ie #usr/lib/squid/errors/en-in @@ -497,6 +506,7 @@ usr/lib/squid/errors/en/ERR_LIFETIME_EXP usr/lib/squid/errors/en/ERR_NO_RELAY usr/lib/squid/errors/en/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/en/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/en/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/en/ERR_READ_ERROR usr/lib/squid/errors/en/ERR_READ_TIMEOUT usr/lib/squid/errors/en/ERR_SECURE_CONNECT_FAIL @@ -530,6 +540,7 @@ usr/lib/squid/errors/en/error-details.txt #usr/lib/squid/errors/es-us #usr/lib/squid/errors/es-uy #usr/lib/squid/errors/es-ve +#usr/lib/squid/errors/es-xl usr/lib/squid/errors/es/ERR_ACCESS_DENIED usr/lib/squid/errors/es/ERR_ACL_TIME_QUOTA_EXCEEDED usr/lib/squid/errors/es/ERR_AGENT_CONFIGURE @@ -560,6 +571,7 @@ usr/lib/squid/errors/es/ERR_LIFETIME_EXP usr/lib/squid/errors/es/ERR_NO_RELAY usr/lib/squid/errors/es/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/es/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/es/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/es/ERR_READ_ERROR usr/lib/squid/errors/es/ERR_READ_TIMEOUT usr/lib/squid/errors/es/ERR_SECURE_CONNECT_FAIL @@ -604,6 +616,7 @@ usr/lib/squid/errors/es/error-details.txt #usr/lib/squid/errors/et/ERR_NO_RELAY #usr/lib/squid/errors/et/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/et/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/et/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/et/ERR_READ_ERROR #usr/lib/squid/errors/et/ERR_READ_TIMEOUT #usr/lib/squid/errors/et/ERR_SECURE_CONNECT_FAIL @@ -649,6 +662,7 @@ usr/lib/squid/errors/es/error-details.txt #usr/lib/squid/errors/fa/ERR_NO_RELAY #usr/lib/squid/errors/fa/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/fa/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/fa/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/fa/ERR_READ_ERROR #usr/lib/squid/errors/fa/ERR_READ_TIMEOUT #usr/lib/squid/errors/fa/ERR_SECURE_CONNECT_FAIL @@ -693,6 +707,7 @@ usr/lib/squid/errors/es/error-details.txt #usr/lib/squid/errors/fi/ERR_NO_RELAY #usr/lib/squid/errors/fi/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/fi/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/fi/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/fi/ERR_READ_ERROR #usr/lib/squid/errors/fi/ERR_READ_TIMEOUT #usr/lib/squid/errors/fi/ERR_SECURE_CONNECT_FAIL @@ -742,6 +757,7 @@ usr/lib/squid/errors/fr/ERR_LIFETIME_EXP usr/lib/squid/errors/fr/ERR_NO_RELAY usr/lib/squid/errors/fr/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/fr/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/fr/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/fr/ERR_READ_ERROR usr/lib/squid/errors/fr/ERR_READ_TIMEOUT usr/lib/squid/errors/fr/ERR_SECURE_CONNECT_FAIL @@ -786,6 +802,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/he/ERR_NO_RELAY #usr/lib/squid/errors/he/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/he/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/he/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/he/ERR_READ_ERROR #usr/lib/squid/errors/he/ERR_READ_TIMEOUT #usr/lib/squid/errors/he/ERR_SECURE_CONNECT_FAIL @@ -830,6 +847,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/hu/ERR_NO_RELAY #usr/lib/squid/errors/hu/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/hu/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/hu/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/hu/ERR_READ_ERROR #usr/lib/squid/errors/hu/ERR_READ_TIMEOUT #usr/lib/squid/errors/hu/ERR_SECURE_CONNECT_FAIL @@ -875,6 +893,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/hy/ERR_NO_RELAY #usr/lib/squid/errors/hy/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/hy/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/hy/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/hy/ERR_READ_ERROR #usr/lib/squid/errors/hy/ERR_READ_TIMEOUT #usr/lib/squid/errors/hy/ERR_SECURE_CONNECT_FAIL @@ -919,6 +938,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/id/ERR_NO_RELAY #usr/lib/squid/errors/id/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/id/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/id/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/id/ERR_READ_ERROR #usr/lib/squid/errors/id/ERR_READ_TIMEOUT #usr/lib/squid/errors/id/ERR_SECURE_CONNECT_FAIL @@ -964,6 +984,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/it/ERR_NO_RELAY #usr/lib/squid/errors/it/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/it/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/it/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/it/ERR_READ_ERROR #usr/lib/squid/errors/it/ERR_READ_TIMEOUT #usr/lib/squid/errors/it/ERR_SECURE_CONNECT_FAIL @@ -1008,6 +1029,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ja/ERR_NO_RELAY #usr/lib/squid/errors/ja/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ja/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ja/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ja/ERR_READ_ERROR #usr/lib/squid/errors/ja/ERR_READ_TIMEOUT #usr/lib/squid/errors/ja/ERR_SECURE_CONNECT_FAIL @@ -1021,6 +1043,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ja/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ja/error-details.txt #usr/lib/squid/errors/ka +#usr/lib/squid/errors/ka-ge #usr/lib/squid/errors/ka/ERR_ACCESS_DENIED #usr/lib/squid/errors/ka/ERR_ACL_TIME_QUOTA_EXCEEDED #usr/lib/squid/errors/ka/ERR_AGENT_CONFIGURE @@ -1051,6 +1074,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ka/ERR_NO_RELAY #usr/lib/squid/errors/ka/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ka/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ka/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ka/ERR_READ_ERROR #usr/lib/squid/errors/ka/ERR_READ_TIMEOUT #usr/lib/squid/errors/ka/ERR_SECURE_CONNECT_FAIL @@ -1063,7 +1087,6 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ka/ERR_WRITE_ERROR #usr/lib/squid/errors/ka/ERR_ZERO_SIZE_OBJECT #usr/lib/squid/errors/ka/error-details.txt -#usr/lib/squid/errors/ka-ge #usr/lib/squid/errors/ko #usr/lib/squid/errors/ko-kp #usr/lib/squid/errors/ko-kr @@ -1097,6 +1120,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ko/ERR_NO_RELAY #usr/lib/squid/errors/ko/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ko/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ko/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ko/ERR_READ_ERROR #usr/lib/squid/errors/ko/ERR_READ_TIMEOUT #usr/lib/squid/errors/ko/ERR_SECURE_CONNECT_FAIL @@ -1141,6 +1165,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/lt/ERR_NO_RELAY #usr/lib/squid/errors/lt/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/lt/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/lt/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/lt/ERR_READ_ERROR #usr/lib/squid/errors/lt/ERR_READ_TIMEOUT #usr/lib/squid/errors/lt/ERR_SECURE_CONNECT_FAIL @@ -1185,6 +1210,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/lv/ERR_NO_RELAY #usr/lib/squid/errors/lv/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/lv/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/lv/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/lv/ERR_READ_ERROR #usr/lib/squid/errors/lv/ERR_READ_TIMEOUT #usr/lib/squid/errors/lv/ERR_SECURE_CONNECT_FAIL @@ -1229,6 +1255,7 @@ usr/lib/squid/errors/fr/error-details.txt #usr/lib/squid/errors/ms/ERR_NO_RELAY #usr/lib/squid/errors/ms/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ms/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ms/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ms/ERR_READ_ERROR #usr/lib/squid/errors/ms/ERR_READ_TIMEOUT #usr/lib/squid/errors/ms/ERR_SECURE_CONNECT_FAIL @@ -1273,6 +1300,7 @@ usr/lib/squid/errors/nl/ERR_LIFETIME_EXP usr/lib/squid/errors/nl/ERR_NO_RELAY usr/lib/squid/errors/nl/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/nl/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/nl/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/nl/ERR_READ_ERROR usr/lib/squid/errors/nl/ERR_READ_TIMEOUT usr/lib/squid/errors/nl/ERR_SECURE_CONNECT_FAIL @@ -1316,6 +1344,7 @@ usr/lib/squid/errors/nl/error-details.txt #usr/lib/squid/errors/oc/ERR_NO_RELAY #usr/lib/squid/errors/oc/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/oc/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/oc/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/oc/ERR_READ_ERROR #usr/lib/squid/errors/oc/ERR_READ_TIMEOUT #usr/lib/squid/errors/oc/ERR_SECURE_CONNECT_FAIL @@ -1360,6 +1389,7 @@ usr/lib/squid/errors/pl/ERR_LIFETIME_EXP usr/lib/squid/errors/pl/ERR_NO_RELAY usr/lib/squid/errors/pl/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/pl/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/pl/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/pl/ERR_READ_ERROR usr/lib/squid/errors/pl/ERR_READ_TIMEOUT usr/lib/squid/errors/pl/ERR_SECURE_CONNECT_FAIL @@ -1404,6 +1434,7 @@ usr/lib/squid/errors/pl/error-details.txt #usr/lib/squid/errors/pt-br/ERR_NO_RELAY #usr/lib/squid/errors/pt-br/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/pt-br/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/pt-br/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/pt-br/ERR_READ_ERROR #usr/lib/squid/errors/pt-br/ERR_READ_TIMEOUT #usr/lib/squid/errors/pt-br/ERR_SECURE_CONNECT_FAIL @@ -1418,6 +1449,7 @@ usr/lib/squid/errors/pl/error-details.txt #usr/lib/squid/errors/pt-br/error-details.txt #usr/lib/squid/errors/pt-bz #usr/lib/squid/errors/pt-pt +#usr/lib/squid/errors/pt-xl #usr/lib/squid/errors/pt/ERR_ACCESS_DENIED #usr/lib/squid/errors/pt/ERR_ACL_TIME_QUOTA_EXCEEDED #usr/lib/squid/errors/pt/ERR_AGENT_CONFIGURE @@ -1448,6 +1480,7 @@ usr/lib/squid/errors/pl/error-details.txt #usr/lib/squid/errors/pt/ERR_NO_RELAY #usr/lib/squid/errors/pt/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/pt/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/pt/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/pt/ERR_READ_ERROR #usr/lib/squid/errors/pt/ERR_READ_TIMEOUT #usr/lib/squid/errors/pt/ERR_SECURE_CONNECT_FAIL @@ -1493,6 +1526,7 @@ usr/lib/squid/errors/pl/error-details.txt #usr/lib/squid/errors/ro/ERR_NO_RELAY #usr/lib/squid/errors/ro/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/ro/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/ro/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/ro/ERR_READ_ERROR #usr/lib/squid/errors/ro/ERR_READ_TIMEOUT #usr/lib/squid/errors/ro/ERR_SECURE_CONNECT_FAIL @@ -1537,6 +1571,7 @@ usr/lib/squid/errors/ru/ERR_LIFETIME_EXP usr/lib/squid/errors/ru/ERR_NO_RELAY usr/lib/squid/errors/ru/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/ru/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/ru/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/ru/ERR_READ_ERROR usr/lib/squid/errors/ru/ERR_READ_TIMEOUT usr/lib/squid/errors/ru/ERR_SECURE_CONNECT_FAIL @@ -1581,6 +1616,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sk/ERR_NO_RELAY #usr/lib/squid/errors/sk/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sk/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sk/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sk/ERR_READ_ERROR #usr/lib/squid/errors/sk/ERR_READ_TIMEOUT #usr/lib/squid/errors/sk/ERR_SECURE_CONNECT_FAIL @@ -1625,6 +1661,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sl/ERR_NO_RELAY #usr/lib/squid/errors/sl/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sl/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sl/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sl/ERR_READ_ERROR #usr/lib/squid/errors/sl/ERR_READ_TIMEOUT #usr/lib/squid/errors/sl/ERR_SECURE_CONNECT_FAIL @@ -1672,6 +1709,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sr-cyrl/ERR_NO_RELAY #usr/lib/squid/errors/sr-cyrl/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sr-cyrl/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sr-cyrl/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sr-cyrl/ERR_READ_ERROR #usr/lib/squid/errors/sr-cyrl/ERR_READ_TIMEOUT #usr/lib/squid/errors/sr-cyrl/ERR_SECURE_CONNECT_FAIL @@ -1718,6 +1756,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sr-latn/ERR_NO_RELAY #usr/lib/squid/errors/sr-latn/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sr-latn/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sr-latn/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sr-latn/ERR_READ_ERROR #usr/lib/squid/errors/sr-latn/ERR_READ_TIMEOUT #usr/lib/squid/errors/sr-latn/ERR_SECURE_CONNECT_FAIL @@ -1765,6 +1804,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/sv/ERR_NO_RELAY #usr/lib/squid/errors/sv/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/sv/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/sv/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/sv/ERR_READ_ERROR #usr/lib/squid/errors/sv/ERR_READ_TIMEOUT #usr/lib/squid/errors/sv/ERR_SECURE_CONNECT_FAIL @@ -1808,6 +1848,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/templates/ERR_NO_RELAY #usr/lib/squid/errors/templates/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/templates/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/templates/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/templates/ERR_READ_ERROR #usr/lib/squid/errors/templates/ERR_READ_TIMEOUT #usr/lib/squid/errors/templates/ERR_SECURE_CONNECT_FAIL @@ -1852,6 +1893,7 @@ usr/lib/squid/errors/ru/error-details.txt #usr/lib/squid/errors/th/ERR_NO_RELAY #usr/lib/squid/errors/th/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/th/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/th/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/th/ERR_READ_ERROR #usr/lib/squid/errors/th/ERR_READ_TIMEOUT #usr/lib/squid/errors/th/ERR_SECURE_CONNECT_FAIL @@ -1896,6 +1938,7 @@ usr/lib/squid/errors/tr/ERR_LIFETIME_EXP usr/lib/squid/errors/tr/ERR_NO_RELAY usr/lib/squid/errors/tr/ERR_ONLY_IF_CACHED_MISS usr/lib/squid/errors/tr/ERR_PRECONDITION_FAILED +usr/lib/squid/errors/tr/ERR_PROTOCOL_UNKNOWN usr/lib/squid/errors/tr/ERR_READ_ERROR usr/lib/squid/errors/tr/ERR_READ_TIMEOUT usr/lib/squid/errors/tr/ERR_SECURE_CONNECT_FAIL @@ -1940,6 +1983,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/uk/ERR_NO_RELAY #usr/lib/squid/errors/uk/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/uk/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/uk/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/uk/ERR_READ_ERROR #usr/lib/squid/errors/uk/ERR_READ_TIMEOUT #usr/lib/squid/errors/uk/ERR_SECURE_CONNECT_FAIL @@ -1983,6 +2027,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/uz/ERR_NO_RELAY #usr/lib/squid/errors/uz/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/uz/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/uz/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/uz/ERR_READ_ERROR #usr/lib/squid/errors/uz/ERR_READ_TIMEOUT #usr/lib/squid/errors/uz/ERR_SECURE_CONNECT_FAIL @@ -2027,6 +2072,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/vi/ERR_NO_RELAY #usr/lib/squid/errors/vi/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/vi/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/vi/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/vi/ERR_READ_ERROR #usr/lib/squid/errors/vi/ERR_READ_TIMEOUT #usr/lib/squid/errors/vi/ERR_SECURE_CONNECT_FAIL @@ -2073,6 +2119,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/zh-hans/ERR_NO_RELAY #usr/lib/squid/errors/zh-hans/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/zh-hans/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/zh-hans/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/zh-hans/ERR_READ_ERROR #usr/lib/squid/errors/zh-hans/ERR_READ_TIMEOUT #usr/lib/squid/errors/zh-hans/ERR_SECURE_CONNECT_FAIL @@ -2119,6 +2166,7 @@ usr/lib/squid/errors/tr/error-details.txt #usr/lib/squid/errors/zh-hant/ERR_NO_RELAY #usr/lib/squid/errors/zh-hant/ERR_ONLY_IF_CACHED_MISS #usr/lib/squid/errors/zh-hant/ERR_PRECONDITION_FAILED +#usr/lib/squid/errors/zh-hant/ERR_PROTOCOL_UNKNOWN #usr/lib/squid/errors/zh-hant/ERR_READ_ERROR #usr/lib/squid/errors/zh-hant/ERR_READ_TIMEOUT #usr/lib/squid/errors/zh-hant/ERR_SECURE_CONNECT_FAIL @@ -2144,7 +2192,7 @@ usr/lib/squid/ext_sql_session_acl usr/lib/squid/ext_time_quota_acl usr/lib/squid/ext_unix_group_acl usr/lib/squid/ext_wbinfo_group_acl -usr/lib/squid/helper-mux.pl +usr/lib/squid/helper-mux usr/lib/squid/icons usr/lib/squid/icons/SN.png usr/lib/squid/icons/silk @@ -2203,18 +2251,19 @@ usr/lib/squid/log_file_daemon usr/lib/squid/mib.txt usr/lib/squid/negotiate_wrapper_auth usr/lib/squid/ntlm_fake_auth -usr/lib/squid/ntlm_smb_lm_auth +usr/lib/squid/security_fake_certverify usr/lib/squid/storeid_file_rewrite usr/lib/squid/unlinkd usr/lib/squid/url_fake_rewrite usr/lib/squid/url_fake_rewrite.sh +usr/lib/squid/url_lfs_rewrite usr/sbin/squid usr/sbin/updxlrator +#usr/share/man/man1/purge.1 #usr/share/man/man1/squidclient.1 #usr/share/man/man8/basic_db_auth.8 #usr/share/man/man8/basic_getpwnam_auth.8 #usr/share/man/man8/basic_ldap_auth.8 -#usr/share/man/man8/basic_msnt_multi_domain_auth.8 #usr/share/man/man8/basic_ncsa_auth.8 #usr/share/man/man8/basic_pam_auth.8 #usr/share/man/man8/basic_pop3_auth.8 @@ -2231,9 +2280,12 @@ usr/sbin/updxlrator #usr/share/man/man8/ext_time_quota_acl.8 #usr/share/man/man8/ext_unix_group_acl.8 #usr/share/man/man8/ext_wbinfo_group_acl.8 +#usr/share/man/man8/helper-mux.8 #usr/share/man/man8/log_db_daemon.8 +#usr/share/man/man8/security_fake_certverify.8 #usr/share/man/man8/squid.8 #usr/share/man/man8/storeid_file_rewrite.8 +#usr/share/man/man8/url_lfs_rewrite.8 #var/cache/squid var/ipfire/proxy/errorpage-ipfire.css var/ipfire/proxy/errorpage-squid.css diff --git a/config/rootfiles/common/unbound b/config/rootfiles/common/unbound index 2232c6889..9a8126c15 100644 --- a/config/rootfiles/common/unbound +++ b/config/rootfiles/common/unbound @@ -11,7 +11,7 @@ etc/unbound/unbound.conf #usr/lib/libunbound.la #usr/lib/libunbound.so usr/lib/libunbound.so.8 -usr/lib/libunbound.so.8.0.1 +usr/lib/libunbound.so.8.0.3 #usr/lib/pkgconfig/libunbound.pc usr/sbin/unbound usr/sbin/unbound-anchor diff --git a/config/rootfiles/common/x86_64/initscripts b/config/rootfiles/co= mmon/x86_64/initscripts index 7b2c1c5f4..6f9868ec3 100644 --- a/config/rootfiles/common/x86_64/initscripts +++ b/config/rootfiles/common/x86_64/initscripts @@ -12,6 +12,7 @@ etc/rc.d/init.d/checkfs etc/rc.d/init.d/cleanfs etc/rc.d/init.d/collectd etc/rc.d/init.d/connectd +etc/rc.d/init.d/conntrackd etc/rc.d/init.d/console etc/rc.d/init.d/dhcp etc/rc.d/init.d/dhcrelay @@ -102,6 +103,7 @@ etc/rc.d/rc0.d/K45random etc/rc.d/rc0.d/K47setclock etc/rc.d/rc0.d/K49cyrus-sasl etc/rc.d/rc0.d/K51vnstat +etc/rc.d/rc0.d/K77conntrackd etc/rc.d/rc0.d/K78snort etc/rc.d/rc0.d/K79leds etc/rc.d/rc0.d/K79unbound @@ -130,6 +132,7 @@ etc/rc.d/rc3.d/S19wlanclient etc/rc.d/rc3.d/S20network etc/rc.d/rc3.d/S11unbound etc/rc.d/rc3.d/S21leds +etc/rc.d/rc3.d/S22conntrackd etc/rc.d/rc3.d/S24cyrus-sasl etc/rc.d/rc3.d/S30sshd etc/rc.d/rc3.d/S32apache @@ -153,6 +156,7 @@ etc/rc.d/rc6.d/K45random etc/rc.d/rc6.d/K47setclock etc/rc.d/rc6.d/K49cyrus-sasl etc/rc.d/rc6.d/K51vnstat +etc/rc.d/rc6.d/K77conntrackd etc/rc.d/rc6.d/K78snort etc/rc.d/rc6.d/K79leds etc/rc.d/rc6.d/K79unbound diff --git a/config/rootfiles/common/x86_64/python b/config/rootfiles/common/= x86_64/python index 9824e19cb..350171647 100644 --- a/config/rootfiles/common/x86_64/python +++ b/config/rootfiles/common/x86_64/python @@ -1463,8 +1463,8 @@ usr/lib/python2.7/encodings/zlib_codec.pyc #usr/lib/python2.7/ensurepip/__main__.pyc #usr/lib/python2.7/ensurepip/__main__.pyo #usr/lib/python2.7/ensurepip/_bundled -#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.1-py2.py3-none-any.whl -#usr/lib/python2.7/ensurepip/_bundled/setuptools-28.8.0-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/pip-9.0.3-py2.py3-none-any.whl +#usr/lib/python2.7/ensurepip/_bundled/setuptools-39.0.1-py2.py3-none-any.whl #usr/lib/python2.7/ensurepip/_uninstall.py #usr/lib/python2.7/ensurepip/_uninstall.pyc #usr/lib/python2.7/ensurepip/_uninstall.pyo @@ -1926,7 +1926,7 @@ usr/lib/python2.7/json/tool.pyc usr/lib/python2.7/keyword.pyc #usr/lib/python2.7/keyword.pyo #usr/lib/python2.7/lib-dynload -#usr/lib/python2.7/lib-dynload/Python-2.7.13-py2.7.egg-info +#usr/lib/python2.7/lib-dynload/Python-2.7.15-py2.7.egg-info usr/lib/python2.7/lib-dynload/_bisect.so usr/lib/python2.7/lib-dynload/_bsddb.so usr/lib/python2.7/lib-dynload/_codecs_cn.so @@ -2100,9 +2100,9 @@ usr/lib/python2.7/lib-dynload/zlib.so #usr/lib/python2.7/lib-tk/turtle.pyo #usr/lib/python2.7/lib2to3 #usr/lib/python2.7/lib2to3/Grammar.txt -#usr/lib/python2.7/lib2to3/Grammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/Grammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/PatternGrammar.txt -#usr/lib/python2.7/lib2to3/PatternGrammar2.7.13.final.0.pickle +#usr/lib/python2.7/lib2to3/PatternGrammar2.7.15.final.0.pickle #usr/lib/python2.7/lib2to3/__init__.py #usr/lib/python2.7/lib2to3/__init__.pyc #usr/lib/python2.7/lib2to3/__init__.pyo @@ -2752,6 +2752,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/__init__.py #usr/lib/python2.7/test/__init__.pyc #usr/lib/python2.7/test/__init__.pyo +#usr/lib/python2.7/test/__main__.py +#usr/lib/python2.7/test/__main__.pyc +#usr/lib/python2.7/test/__main__.pyo #usr/lib/python2.7/test/_mock_backport.py #usr/lib/python2.7/test/_mock_backport.pyc #usr/lib/python2.7/test/_mock_backport.pyo @@ -2790,6 +2793,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/badsyntax_future8.py #usr/lib/python2.7/test/badsyntax_future9.py #usr/lib/python2.7/test/badsyntax_nocaret.py +#usr/lib/python2.7/test/bisect.py +#usr/lib/python2.7/test/bisect.pyc +#usr/lib/python2.7/test/bisect.pyo #usr/lib/python2.7/test/capath #usr/lib/python2.7/test/capath/0e4015b9.0 #usr/lib/python2.7/test/capath/4e1295a3.0 @@ -3040,6 +3046,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/mp_fork_bomb.py #usr/lib/python2.7/test/mp_fork_bomb.pyc #usr/lib/python2.7/test/mp_fork_bomb.pyo +#usr/lib/python2.7/test/multibytecodec_support.py +#usr/lib/python2.7/test/multibytecodec_support.pyc +#usr/lib/python2.7/test/multibytecodec_support.pyo #usr/lib/python2.7/test/nokia.pem #usr/lib/python2.7/test/nullbytecert.pem #usr/lib/python2.7/test/nullcert.pem @@ -3065,6 +3074,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/pystone.py #usr/lib/python2.7/test/pystone.pyc #usr/lib/python2.7/test/pystone.pyo +#usr/lib/python2.7/test/pythoninfo.py +#usr/lib/python2.7/test/pythoninfo.pyc +#usr/lib/python2.7/test/pythoninfo.pyo #usr/lib/python2.7/test/randv2_32.pck #usr/lib/python2.7/test/randv2_64.pck #usr/lib/python2.7/test/randv3.pck @@ -3098,7 +3110,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/seq_tests.pyc #usr/lib/python2.7/test/seq_tests.pyo #usr/lib/python2.7/test/sgml_input.html -#usr/lib/python2.7/test/sha256.pem #usr/lib/python2.7/test/sortperf.py #usr/lib/python2.7/test/sortperf.pyc #usr/lib/python2.7/test/sortperf.pyo @@ -3118,6 +3129,13 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.py #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyc #usr/lib/python2.7/test/subprocessdata/sigchild_ignore.pyo +#usr/lib/python2.7/test/support +#usr/lib/python2.7/test/support/__init__.py +#usr/lib/python2.7/test/support/__init__.pyc +#usr/lib/python2.7/test/support/__init__.pyo +#usr/lib/python2.7/test/support/script_helper.py +#usr/lib/python2.7/test/support/script_helper.pyc +#usr/lib/python2.7/test/support/script_helper.pyo #usr/lib/python2.7/test/symlink_support.py #usr/lib/python2.7/test/symlink_support.pyc #usr/lib/python2.7/test/symlink_support.pyo @@ -3663,6 +3681,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_import.py #usr/lib/python2.7/test/test_import.pyc #usr/lib/python2.7/test/test_import.pyo +#usr/lib/python2.7/test/test_import_magic.py +#usr/lib/python2.7/test/test_import_magic.pyc +#usr/lib/python2.7/test/test_import_magic.pyo #usr/lib/python2.7/test/test_importhooks.py #usr/lib/python2.7/test/test_importhooks.pyc #usr/lib/python2.7/test/test_importhooks.pyo @@ -3792,9 +3813,6 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_multibytecodec.py #usr/lib/python2.7/test/test_multibytecodec.pyc #usr/lib/python2.7/test/test_multibytecodec.pyo -#usr/lib/python2.7/test/test_multibytecodec_support.py -#usr/lib/python2.7/test/test_multibytecodec_support.pyc -#usr/lib/python2.7/test/test_multibytecodec_support.pyo #usr/lib/python2.7/test/test_multifile.py #usr/lib/python2.7/test/test_multifile.pyc #usr/lib/python2.7/test/test_multifile.pyo @@ -3963,6 +3981,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_readline.py #usr/lib/python2.7/test/test_readline.pyc #usr/lib/python2.7/test/test_readline.pyo +#usr/lib/python2.7/test/test_regrtest.py +#usr/lib/python2.7/test/test_regrtest.pyc +#usr/lib/python2.7/test/test_regrtest.pyo #usr/lib/python2.7/test/test_repr.py #usr/lib/python2.7/test/test_repr.pyc #usr/lib/python2.7/test/test_repr.pyo @@ -4140,6 +4161,9 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/test_tempfile.py #usr/lib/python2.7/test/test_tempfile.pyc #usr/lib/python2.7/test/test_tempfile.pyo +#usr/lib/python2.7/test/test_test_support.py +#usr/lib/python2.7/test/test_test_support.pyc +#usr/lib/python2.7/test/test_test_support.pyo #usr/lib/python2.7/test/test_textwrap.py #usr/lib/python2.7/test/test_textwrap.pyc #usr/lib/python2.7/test/test_textwrap.pyo @@ -4373,6 +4397,7 @@ usr/lib/python2.7/tempfile.pyc #usr/lib/python2.7/test/win_console_handler.pyo #usr/lib/python2.7/test/wrongcert.pem #usr/lib/python2.7/test/xmltestdata +#usr/lib/python2.7/test/xmltestdata/expat224_utf8_bug.xml #usr/lib/python2.7/test/xmltestdata/simple-ns.xml #usr/lib/python2.7/test/xmltestdata/simple.xml #usr/lib/python2.7/test/xmltestdata/test.xml diff --git a/config/rootfiles/common/xtables-addons b/config/rootfiles/common= /xtables-addons index 9e0739528..cb958ee7e 100644 --- a/config/rootfiles/common/xtables-addons +++ b/config/rootfiles/common/xtables-addons @@ -2,7 +2,6 @@ lib/xtables/libxt_ACCOUNT.so lib/xtables/libxt_CHAOS.so lib/xtables/libxt_DELUDE.so lib/xtables/libxt_DHCPMAC.so -#lib/xtables/libxt_DNETMAP.so lib/xtables/libxt_ECHO.so lib/xtables/libxt_IPMARK.so lib/xtables/libxt_LOGMARK.so @@ -26,6 +25,7 @@ usr/lib/libxt_ACCOUNT_cl.so.0.0.0 #usr/libexec/xtables-addons usr/libexec/xtables-addons/xt_geoip_build usr/libexec/xtables-addons/xt_geoip_dl +usr/local/bin/xt_geoip_build usr/sbin/iptaccount #usr/share/man/man1/xt_geoip_build.1 #usr/share/man/man1/xt_geoip_dl.1 diff --git a/config/rootfiles/core/126/exclude b/config/rootfiles/core/127/ex= clude similarity index 100% rename from config/rootfiles/core/126/exclude rename to config/rootfiles/core/127/exclude diff --git a/config/rootfiles/core/127/filelists/aarch64/files b/config/rootf= iles/core/127/filelists/aarch64/files new file mode 100644 index 000000000..d76f3915c --- /dev/null +++ b/config/rootfiles/core/127/filelists/aarch64/files @@ -0,0 +1,9 @@ +boot/boot.cmd +boot/boot.scr +etc/system-release +etc/issue +srv/web/ipfire/cgi-bin/credits.cgi +var/ipfire/langs +etc/rc.d/init.d/aws +etc/rc.d/init.d/unbound +srv/web/ipfire/cgi-bin/dnsforward.cgi diff --git a/config/rootfiles/core/127/filelists/aarch64/grub b/config/rootfi= les/core/127/filelists/aarch64/grub new file mode 120000 index 000000000..40ae85fb6 --- /dev/null +++ b/config/rootfiles/core/127/filelists/aarch64/grub @@ -0,0 +1 @@ +../../../../common/aarch64/grub \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/aarch64/python b/config/root= files/core/127/filelists/aarch64/python new file mode 120000 index 000000000..b2b0103b6 --- /dev/null +++ b/config/rootfiles/core/127/filelists/aarch64/python @@ -0,0 +1 @@ +../../../../common/aarch64/python \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/aarch64/xtables-addons-kmod = b/config/rootfiles/core/127/filelists/aarch64/xtables-addons-kmod new file mode 100644 index 000000000..154a5b70f --- /dev/null +++ b/config/rootfiles/core/127/filelists/aarch64/xtables-addons-kmod @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire/extra/compat_xtables.ko +lib/modules/KVER-ipfire/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire/extra/xt_ECHO.ko +lib/modules/KVER-ipfire/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire/extra/xt_condition.ko +lib/modules/KVER-ipfire/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire/extra/xt_geoip.ko +lib/modules/KVER-ipfire/extra/xt_iface.ko +lib/modules/KVER-ipfire/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire/extra/xt_length2.ko +lib/modules/KVER-ipfire/extra/xt_lscan.ko +lib/modules/KVER-ipfire/extra/xt_psd.ko +lib/modules/KVER-ipfire/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/armv5tel/files b/config/root= files/core/127/filelists/armv5tel/files new file mode 100644 index 000000000..6a00446f4 --- /dev/null +++ b/config/rootfiles/core/127/filelists/armv5tel/files @@ -0,0 +1,2 @@ +boot/boot.cmd +boot/boot.scr diff --git a/config/rootfiles/core/127/filelists/armv5tel/python b/config/roo= tfiles/core/127/filelists/armv5tel/python new file mode 120000 index 000000000..df0dd5c06 --- /dev/null +++ b/config/rootfiles/core/127/filelists/armv5tel/python @@ -0,0 +1 @@ +../../../../common/armv5tel/python \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod= -kirkwood b/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-= kirkwood new file mode 100644 index 000000000..3effb6443 --- /dev/null +++ b/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-kirkwo= od @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire-kirkwood/extra/compat_xtables.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_ECHO.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_condition.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_geoip.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_iface.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_length2.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_lscan.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_psd.ko +lib/modules/KVER-ipfire-kirkwood/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod= -multi b/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-mul= ti new file mode 100644 index 000000000..a30335d25 --- /dev/null +++ b/config/rootfiles/core/127/filelists/armv5tel/xtables-addons-kmod-multi @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire-multi/extra/compat_xtables.ko +lib/modules/KVER-ipfire-multi/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire-multi/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire-multi/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire-multi/extra/xt_ECHO.ko +lib/modules/KVER-ipfire-multi/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire-multi/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire-multi/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire-multi/extra/xt_condition.ko +lib/modules/KVER-ipfire-multi/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire-multi/extra/xt_geoip.ko +lib/modules/KVER-ipfire-multi/extra/xt_iface.ko +lib/modules/KVER-ipfire-multi/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire-multi/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire-multi/extra/xt_length2.ko +lib/modules/KVER-ipfire-multi/extra/xt_lscan.ko +lib/modules/KVER-ipfire-multi/extra/xt_psd.ko +lib/modules/KVER-ipfire-multi/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/files b/config/rootfiles/cor= e/127/filelists/files new file mode 100644 index 000000000..4b001af63 --- /dev/null +++ b/config/rootfiles/core/127/filelists/files @@ -0,0 +1,20 @@ +etc/system-release +etc/issue +etc/modprobe.d/framebuffer.conf +srv/web/ipfire/cgi-bin/credits.cgi +var/ipfire/langs +etc/rc.d/init.d/aws +etc/rc.d/init.d/conntrackd +etc/rc.d/init.d/unbound +etc/rc.d/rc0.d/K77conntrackd +etc/rc.d/rc3.d/S22conntrackd +etc/rc.d/rc6.d/K77conntrackd +etc/sysctl.conf +srv/web/ipfire/cgi-bin/dnsforward.cgi +srv/web/ipfire/cgi-bin/ids.cgi +srv/web/ipfire/cgi-bin/ovpnmain.cgi +srv/web/ipfire/cgi-bin/proxy.cgi +srv/web/ipfire/cgi-bin/vpnmain.cgi +usr/lib/firewall/firewall-lib.pl +var/ipfire/backup/include +var/ipfire/geoip-functions.pl diff --git a/config/rootfiles/core/127/filelists/fireinfo b/config/rootfiles/= core/127/filelists/fireinfo new file mode 120000 index 000000000..c46115521 --- /dev/null +++ b/config/rootfiles/core/127/filelists/fireinfo @@ -0,0 +1 @@ +../../../common/fireinfo \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/i586/grub b/config/rootfiles= /core/127/filelists/i586/grub new file mode 120000 index 000000000..feb236a22 --- /dev/null +++ b/config/rootfiles/core/127/filelists/i586/grub @@ -0,0 +1 @@ +../../../../common/i586/grub \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/i586/python b/config/rootfil= es/core/127/filelists/i586/python new file mode 120000 index 000000000..a2b842b99 --- /dev/null +++ b/config/rootfiles/core/127/filelists/i586/python @@ -0,0 +1 @@ +../../../../common/i586/python \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/i586/xtables-addons-kmod b/c= onfig/rootfiles/core/127/filelists/i586/xtables-addons-kmod new file mode 100644 index 000000000..154a5b70f --- /dev/null +++ b/config/rootfiles/core/127/filelists/i586/xtables-addons-kmod @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire/extra/compat_xtables.ko +lib/modules/KVER-ipfire/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire/extra/xt_ECHO.ko +lib/modules/KVER-ipfire/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire/extra/xt_condition.ko +lib/modules/KVER-ipfire/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire/extra/xt_geoip.ko +lib/modules/KVER-ipfire/extra/xt_iface.ko +lib/modules/KVER-ipfire/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire/extra/xt_length2.ko +lib/modules/KVER-ipfire/extra/xt_lscan.ko +lib/modules/KVER-ipfire/extra/xt_psd.ko +lib/modules/KVER-ipfire/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/pcre b/config/rootfiles/core= /127/filelists/pcre new file mode 120000 index 000000000..b390d9a36 --- /dev/null +++ b/config/rootfiles/core/127/filelists/pcre @@ -0,0 +1 @@ +../../../common/pcre \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/perl-Net-CIDR-Lite b/config/= rootfiles/core/127/filelists/perl-Net-CIDR-Lite new file mode 120000 index 000000000..a51cf8773 --- /dev/null +++ b/config/rootfiles/core/127/filelists/perl-Net-CIDR-Lite @@ -0,0 +1 @@ +../../../common/perl-Net-CIDR-Lite \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/snort b/config/rootfiles/cor= e/127/filelists/snort new file mode 120000 index 000000000..9406ce01c --- /dev/null +++ b/config/rootfiles/core/127/filelists/snort @@ -0,0 +1 @@ +../../../common/snort \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/sqlite b/config/rootfiles/co= re/127/filelists/sqlite new file mode 120000 index 000000000..4ea569766 --- /dev/null +++ b/config/rootfiles/core/127/filelists/sqlite @@ -0,0 +1 @@ +../../../common/sqlite \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/squid b/config/rootfiles/cor= e/127/filelists/squid new file mode 120000 index 000000000..2dc8372a0 --- /dev/null +++ b/config/rootfiles/core/127/filelists/squid @@ -0,0 +1 @@ +../../../common/squid \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/tar b/config/rootfiles/core/= 127/filelists/tar new file mode 120000 index 000000000..3e585d2eb --- /dev/null +++ b/config/rootfiles/core/127/filelists/tar @@ -0,0 +1 @@ +../../../common/tar \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/unbound b/config/rootfiles/c= ore/127/filelists/unbound new file mode 120000 index 000000000..66adf0924 --- /dev/null +++ b/config/rootfiles/core/127/filelists/unbound @@ -0,0 +1 @@ +../../../common/unbound \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/wget b/config/rootfiles/core= /127/filelists/wget new file mode 120000 index 000000000..fcb57dfec --- /dev/null +++ b/config/rootfiles/core/127/filelists/wget @@ -0,0 +1 @@ +../../../common/wget \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/x86_64/grub b/config/rootfil= es/core/127/filelists/x86_64/grub new file mode 120000 index 000000000..78d3bd784 --- /dev/null +++ b/config/rootfiles/core/127/filelists/x86_64/grub @@ -0,0 +1 @@ +../../../../common/x86_64/grub \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/x86_64/python b/config/rootf= iles/core/127/filelists/x86_64/python new file mode 120000 index 000000000..a593187de --- /dev/null +++ b/config/rootfiles/core/127/filelists/x86_64/python @@ -0,0 +1 @@ +../../../../common/x86_64/python \ No newline at end of file diff --git a/config/rootfiles/core/127/filelists/x86_64/xtables-addons-kmod b= /config/rootfiles/core/127/filelists/x86_64/xtables-addons-kmod new file mode 100644 index 000000000..154a5b70f --- /dev/null +++ b/config/rootfiles/core/127/filelists/x86_64/xtables-addons-kmod @@ -0,0 +1,18 @@ +lib/modules/KVER-ipfire/extra/compat_xtables.ko +lib/modules/KVER-ipfire/extra/xt_CHAOS.ko +lib/modules/KVER-ipfire/extra/xt_DELUDE.ko +lib/modules/KVER-ipfire/extra/xt_DHCPMAC.ko +lib/modules/KVER-ipfire/extra/xt_ECHO.ko +lib/modules/KVER-ipfire/extra/xt_IPMARK.ko +lib/modules/KVER-ipfire/extra/xt_LOGMARK.ko +lib/modules/KVER-ipfire/extra/xt_TARPIT.ko +lib/modules/KVER-ipfire/extra/xt_condition.ko +lib/modules/KVER-ipfire/extra/xt_fuzzy.ko +lib/modules/KVER-ipfire/extra/xt_geoip.ko +lib/modules/KVER-ipfire/extra/xt_iface.ko +lib/modules/KVER-ipfire/extra/xt_ipp2p.ko +lib/modules/KVER-ipfire/extra/xt_ipv4options.ko +lib/modules/KVER-ipfire/extra/xt_length2.ko +lib/modules/KVER-ipfire/extra/xt_lscan.ko +lib/modules/KVER-ipfire/extra/xt_psd.ko +lib/modules/KVER-ipfire/extra/xt_quota2.ko diff --git a/config/rootfiles/core/127/filelists/xtables-addons b/config/root= files/core/127/filelists/xtables-addons new file mode 120000 index 000000000..2e24c4298 --- /dev/null +++ b/config/rootfiles/core/127/filelists/xtables-addons @@ -0,0 +1 @@ +../../../common/xtables-addons \ No newline at end of file diff --git a/config/rootfiles/core/127/update.sh b/config/rootfiles/core/127/= update.sh new file mode 100644 index 000000000..4fe045ec9 --- /dev/null +++ b/config/rootfiles/core/127/update.sh @@ -0,0 +1,73 @@ +#!/bin/bash +############################################################################ +# # +# This file is part of the IPFire Firewall. # +# # +# IPFire is free software; you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation; either version 3 of the License, or # +# (at your option) any later version. # +# # +# IPFire is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with IPFire; if not, write to the Free Software # +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # +# # +# Copyright (C) 2018 IPFire-Team . = # +# # +############################################################################ +# +. /opt/pakfire/lib/functions.sh +/usr/local/bin/backupctrl exclude >/dev/null 2>&1 + +core=3D127 + +# Remove old core updates from pakfire cache to save space... +for (( i=3D1; i<=3D$core; i++ )); do + rm -f /var/cache/pakfire/core-upgrade-*-$i.ipfire +done + +# Stop services +/etc/init.d/squid stop + +# Remove files + +# Extract files +extract_files + +# update linker config +ldconfig + +# Update Language cache +/usr/local/bin/update-lang-cache + +# Regenerate squid configuration file +sudo -u nobody /srv/web/ipfire/cgi-bin/proxy.cgi + +# Start services +/etc/init.d/unbound restart +/etc/init.d/squid start + +# Reload sysctl.conf +sysctl -p + +# Re-run depmod +depmod -a + +# Finish +/etc/init.d/fireinfo start +sendprofile + +# Update grub config to display new core version +if [ -e /boot/grub/grub.cfg ]; then + grub-mkconfig -o /boot/grub/grub.cfg +fi + +sync + +# Don't report the exitcode last command +exit 0 diff --git a/config/rootfiles/oldcore/126/exclude b/config/rootfiles/oldcore/= 126/exclude new file mode 100644 index 000000000..b22159878 --- /dev/null +++ b/config/rootfiles/oldcore/126/exclude @@ -0,0 +1,28 @@ +boot/config.txt +boot/grub/grub.cfg +boot/grub/grubenv +etc/alternatives +etc/collectd.custom +etc/default/grub +etc/ipsec.conf +etc/ipsec.secrets +etc/ipsec.user.conf +etc/ipsec.user.secrets +etc/localtime +etc/shadow +etc/snort/snort.conf +etc/ssl/openssl.cnf +etc/sudoers +etc/sysconfig/firewall.local +etc/sysconfig/rc.local +etc/udev/rules.d/30-persistent-network.rules +srv/web/ipfire/html/proxy.pac +var/ipfire/dma +var/ipfire/time +var/ipfire/ovpn +var/lib/alternatives +var/log/cache +var/log/dhcpcd.log +var/log/messages +var/state/dhcp/dhcpd.leases +var/updatecache diff --git a/config/rootfiles/core/126/filelists/aarch64/linux b/config/rootf= iles/oldcore/126/filelists/aarch64/linux similarity index 100% rename from config/rootfiles/core/126/filelists/aarch64/linux rename to config/rootfiles/oldcore/126/filelists/aarch64/linux diff --git a/config/rootfiles/core/126/filelists/aarch64/linux-initrd b/confi= g/rootfiles/oldcore/126/filelists/aarch64/linux-initrd similarity index 100% rename from config/rootfiles/core/126/filelists/aarch64/linux-initrd rename to config/rootfiles/oldcore/126/filelists/aarch64/linux-initrd diff --git a/config/rootfiles/core/126/filelists/armv5tel/linux-initrd-kirkwo= od b/config/rootfiles/oldcore/126/filelists/armv5tel/linux-initrd-kirkwood similarity index 100% rename from config/rootfiles/core/126/filelists/armv5tel/linux-initrd-kirkwood rename to config/rootfiles/oldcore/126/filelists/armv5tel/linux-initrd-kirkwo= od diff --git a/config/rootfiles/core/126/filelists/armv5tel/linux-initrd-multi = b/config/rootfiles/oldcore/126/filelists/armv5tel/linux-initrd-multi similarity index 100% rename from config/rootfiles/core/126/filelists/armv5tel/linux-initrd-multi rename to config/rootfiles/oldcore/126/filelists/armv5tel/linux-initrd-multi diff --git a/config/rootfiles/core/126/filelists/armv5tel/linux-kirkwood b/co= nfig/rootfiles/oldcore/126/filelists/armv5tel/linux-kirkwood similarity index 100% rename from config/rootfiles/core/126/filelists/armv5tel/linux-kirkwood rename to config/rootfiles/oldcore/126/filelists/armv5tel/linux-kirkwood diff --git a/config/rootfiles/core/126/filelists/armv5tel/linux-multi b/confi= g/rootfiles/oldcore/126/filelists/armv5tel/linux-multi similarity index 100% rename from config/rootfiles/core/126/filelists/armv5tel/linux-multi rename to config/rootfiles/oldcore/126/filelists/armv5tel/linux-multi diff --git a/config/rootfiles/core/126/filelists/bind b/config/rootfiles/oldc= ore/126/filelists/bind similarity index 100% rename from config/rootfiles/core/126/filelists/bind rename to config/rootfiles/oldcore/126/filelists/bind diff --git a/config/rootfiles/core/126/filelists/files b/config/rootfiles/old= core/126/filelists/files similarity index 100% rename from config/rootfiles/core/126/filelists/files rename to config/rootfiles/oldcore/126/filelists/files diff --git a/config/rootfiles/core/126/filelists/i586/linux b/config/rootfile= s/oldcore/126/filelists/i586/linux similarity index 100% rename from config/rootfiles/core/126/filelists/i586/linux rename to config/rootfiles/oldcore/126/filelists/i586/linux diff --git a/config/rootfiles/core/126/filelists/i586/linux-initrd b/config/r= ootfiles/oldcore/126/filelists/i586/linux-initrd similarity index 100% rename from config/rootfiles/core/126/filelists/i586/linux-initrd rename to config/rootfiles/oldcore/126/filelists/i586/linux-initrd diff --git a/config/rootfiles/core/126/filelists/libconfig b/config/rootfiles= /oldcore/126/filelists/libconfig similarity index 100% rename from config/rootfiles/core/126/filelists/libconfig rename to config/rootfiles/oldcore/126/filelists/libconfig diff --git a/config/rootfiles/core/126/filelists/openssl b/config/rootfiles/o= ldcore/126/filelists/openssl similarity index 100% rename from config/rootfiles/core/126/filelists/openssl rename to config/rootfiles/oldcore/126/filelists/openssl diff --git a/config/rootfiles/core/126/filelists/openssl-compat b/config/root= files/oldcore/126/filelists/openssl-compat similarity index 100% rename from config/rootfiles/core/126/filelists/openssl-compat rename to config/rootfiles/oldcore/126/filelists/openssl-compat diff --git a/config/rootfiles/core/126/filelists/x86_64/linux b/config/rootfi= les/oldcore/126/filelists/x86_64/linux similarity index 100% rename from config/rootfiles/core/126/filelists/x86_64/linux rename to config/rootfiles/oldcore/126/filelists/x86_64/linux diff --git a/config/rootfiles/core/126/filelists/x86_64/linux-initrd b/config= /rootfiles/oldcore/126/filelists/x86_64/linux-initrd similarity index 100% rename from config/rootfiles/core/126/filelists/x86_64/linux-initrd rename to config/rootfiles/oldcore/126/filelists/x86_64/linux-initrd diff --git a/config/rootfiles/core/126/update.sh b/config/rootfiles/oldcore/1= 26/update.sh similarity index 100% rename from config/rootfiles/core/126/update.sh rename to config/rootfiles/oldcore/126/update.sh diff --git a/config/rootfiles/packages/clamav b/config/rootfiles/packages/cla= mav index 2be31d5db..e95d4dc6e 100644 --- a/config/rootfiles/packages/clamav +++ b/config/rootfiles/packages/clamav @@ -8,26 +8,25 @@ usr/bin/clamscan usr/bin/clamsubmit usr/bin/freshclam usr/bin/sigtool +#usr/include/clamav-types.h #usr/include/clamav.h #usr/lib/libclamav.la usr/lib/libclamav.so -usr/lib/libclamav.so.7 -usr/lib/libclamav.so.7.1.1 -#usr/lib/libclammspack.a +usr/lib/libclamav.so.9 +usr/lib/libclamav.so.9.0.1 #usr/lib/libclammspack.la usr/lib/libclammspack.so usr/lib/libclammspack.so.0 usr/lib/libclammspack.so.0.1.0 #usr/lib/libclamunrar.la usr/lib/libclamunrar.so -usr/lib/libclamunrar.so.7 -usr/lib/libclamunrar.so.7.1.1 +usr/lib/libclamunrar.so.9 +usr/lib/libclamunrar.so.9.0.1 #usr/lib/libclamunrar_iface.la usr/lib/libclamunrar_iface.so -usr/lib/libclamunrar_iface.so.7 -usr/lib/libclamunrar_iface.so.7.1.1 +usr/lib/libclamunrar_iface.so.9 +usr/lib/libclamunrar_iface.so.9.0.1 #usr/lib/pkgconfig/libclamav.pc -#usr/lib/pkgconfig/libclammspack.pc usr/sbin/clamd #usr/share/man/man1/clambc.1 #usr/share/man/man1/clamconf.1 diff --git a/config/rootfiles/packages/libvirt b/config/rootfiles/packages/li= bvirt index 30b9d1329..633febf05 100644 --- a/config/rootfiles/packages/libvirt +++ b/config/rootfiles/packages/libvirt @@ -62,19 +62,19 @@ usr/bin/virt-xml-validate #usr/lib/libvirt-admin.la #usr/lib/libvirt-admin.so usr/lib/libvirt-admin.so.0 -usr/lib/libvirt-admin.so.0.4006.0 +usr/lib/libvirt-admin.so.0.4010.0 #usr/lib/libvirt-lxc.la #usr/lib/libvirt-lxc.so usr/lib/libvirt-lxc.so.0 -usr/lib/libvirt-lxc.so.0.4006.0 +usr/lib/libvirt-lxc.so.0.4010.0 #usr/lib/libvirt-qemu.la #usr/lib/libvirt-qemu.so usr/lib/libvirt-qemu.so.0 -usr/lib/libvirt-qemu.so.0.4006.0 +usr/lib/libvirt-qemu.so.0.4010.0 #usr/lib/libvirt.la #usr/lib/libvirt.so usr/lib/libvirt.so.0 -usr/lib/libvirt.so.0.4006.0 +usr/lib/libvirt.so.0.4010.0 #usr/lib/libvirt/connection-driver #usr/lib/libvirt/connection-driver/libvirt_driver_interface.la usr/lib/libvirt/connection-driver/libvirt_driver_interface.so @@ -120,171 +120,171 @@ usr/sbin/virtlogd #usr/share/augeas/lenses/tests/test_virtlogd.aug #usr/share/augeas/lenses/virtlockd.aug #usr/share/augeas/lenses/virtlogd.aug -#usr/share/doc/libvirt-4.6.0 -#usr/share/doc/libvirt-4.6.0/html -#usr/share/doc/libvirt-4.6.0/html/32favicon.png -#usr/share/doc/libvirt-4.6.0/html/404.html -#usr/share/doc/libvirt-4.6.0/html/acl.html -#usr/share/doc/libvirt-4.6.0/html/aclpolkit.html -#usr/share/doc/libvirt-4.6.0/html/api.html -#usr/share/doc/libvirt-4.6.0/html/api_extension.html -#usr/share/doc/libvirt-4.6.0/html/apps.html -#usr/share/doc/libvirt-4.6.0/html/architecture.gif -#usr/share/doc/libvirt-4.6.0/html/architecture.html -#usr/share/doc/libvirt-4.6.0/html/auditlog.html -#usr/share/doc/libvirt-4.6.0/html/auth.html -#usr/share/doc/libvirt-4.6.0/html/bindings.html -#usr/share/doc/libvirt-4.6.0/html/bugs.html -#usr/share/doc/libvirt-4.6.0/html/cgroups.html -#usr/share/doc/libvirt-4.6.0/html/compiling.html -#usr/share/doc/libvirt-4.6.0/html/contact.html -#usr/share/doc/libvirt-4.6.0/html/contribute.html -#usr/share/doc/libvirt-4.6.0/html/csharp.html -#usr/share/doc/libvirt-4.6.0/html/dbus.html -#usr/share/doc/libvirt-4.6.0/html/devguide.html -#usr/share/doc/libvirt-4.6.0/html/docs.html -#usr/share/doc/libvirt-4.6.0/html/downloads.html -#usr/share/doc/libvirt-4.6.0/html/drivers.html -#usr/share/doc/libvirt-4.6.0/html/drvbhyve.html -#usr/share/doc/libvirt-4.6.0/html/drvesx.html -#usr/share/doc/libvirt-4.6.0/html/drvhyperv.html -#usr/share/doc/libvirt-4.6.0/html/drvlxc.html -#usr/share/doc/libvirt-4.6.0/html/drvnodedev.html -#usr/share/doc/libvirt-4.6.0/html/drvopenvz.html -#usr/share/doc/libvirt-4.6.0/html/drvphyp.html -#usr/share/doc/libvirt-4.6.0/html/drvqemu.html -#usr/share/doc/libvirt-4.6.0/html/drvremote.html -#usr/share/doc/libvirt-4.6.0/html/drvtest.html -#usr/share/doc/libvirt-4.6.0/html/drvuml.html -#usr/share/doc/libvirt-4.6.0/html/drvvbox.html -#usr/share/doc/libvirt-4.6.0/html/drvvirtuozzo.html -#usr/share/doc/libvirt-4.6.0/html/drvvmware.html -#usr/share/doc/libvirt-4.6.0/html/drvxen.html -#usr/share/doc/libvirt-4.6.0/html/errors.html -#usr/share/doc/libvirt-4.6.0/html/firewall.html -#usr/share/doc/libvirt-4.6.0/html/fonts -#usr/share/doc/libvirt-4.6.0/html/fonts/LICENSE.md -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-bold-italic.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-bold.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-italic.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-light-italic.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-light.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-mono-bold.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-mono-light.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-mono-regular.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-mono-semibold.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/overpass-regular.woff -#usr/share/doc/libvirt-4.6.0/html/fonts/stylesheet.css -#usr/share/doc/libvirt-4.6.0/html/format.html -#usr/share/doc/libvirt-4.6.0/html/formatcaps.html -#usr/share/doc/libvirt-4.6.0/html/formatdomain.html -#usr/share/doc/libvirt-4.6.0/html/formatdomaincaps.html -#usr/share/doc/libvirt-4.6.0/html/formatnetwork.html -#usr/share/doc/libvirt-4.6.0/html/formatnode.html -#usr/share/doc/libvirt-4.6.0/html/formatnwfilter.html -#usr/share/doc/libvirt-4.6.0/html/formatsecret.html -#usr/share/doc/libvirt-4.6.0/html/formatsnapshot.html -#usr/share/doc/libvirt-4.6.0/html/formatstorage.html -#usr/share/doc/libvirt-4.6.0/html/formatstorageencryption.html -#usr/share/doc/libvirt-4.6.0/html/generic.css -#usr/share/doc/libvirt-4.6.0/html/goals.html -#usr/share/doc/libvirt-4.6.0/html/governance.html -#usr/share/doc/libvirt-4.6.0/html/hacking.html -#usr/share/doc/libvirt-4.6.0/html/hooks.html -#usr/share/doc/libvirt-4.6.0/html/html -#usr/share/doc/libvirt-4.6.0/html/html/home.png -#usr/share/doc/libvirt-4.6.0/html/html/index.html -#usr/share/doc/libvirt-4.6.0/html/html/left.png -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-common.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-domain-snapshot.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-domain.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-event.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-host.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-interface.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-network.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-nodedev.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-nwfilter.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-secret.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-storage.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-libvirt-stream.html -#usr/share/doc/libvirt-4.6.0/html/html/libvirt-virterror.html -#usr/share/doc/libvirt-4.6.0/html/html/right.png -#usr/share/doc/libvirt-4.6.0/html/html/up.png -#usr/share/doc/libvirt-4.6.0/html/hvsupport.html -#usr/share/doc/libvirt-4.6.0/html/index.html -#usr/share/doc/libvirt-4.6.0/html/internals -#usr/share/doc/libvirt-4.6.0/html/internals.html -#usr/share/doc/libvirt-4.6.0/html/internals/command.html -#usr/share/doc/libvirt-4.6.0/html/internals/eventloop.html -#usr/share/doc/libvirt-4.6.0/html/internals/locking.html -#usr/share/doc/libvirt-4.6.0/html/internals/oomtesting.html -#usr/share/doc/libvirt-4.6.0/html/internals/rpc.html -#usr/share/doc/libvirt-4.6.0/html/java.html -#usr/share/doc/libvirt-4.6.0/html/libvirt-daemon-arch.png -#usr/share/doc/libvirt-4.6.0/html/libvirt-driver-arch.png -#usr/share/doc/libvirt-4.6.0/html/libvirt-object-model.png -#usr/share/doc/libvirt-4.6.0/html/libvirt.css -#usr/share/doc/libvirt-4.6.0/html/locking-lockd.html -#usr/share/doc/libvirt-4.6.0/html/locking-sanlock.html -#usr/share/doc/libvirt-4.6.0/html/locking.html -#usr/share/doc/libvirt-4.6.0/html/logging.html -#usr/share/doc/libvirt-4.6.0/html/logos -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-dark-256.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-dark-800.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-dark.svg -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-light-256.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-light-800.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-banner-light.svg -#usr/share/doc/libvirt-4.6.0/html/logos/logo-base.svg -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-128.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-192.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-256.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-96.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered-128.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered-192.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered-256.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered-96.png -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square-powered.svg -#usr/share/doc/libvirt-4.6.0/html/logos/logo-square.svg -#usr/share/doc/libvirt-4.6.0/html/main.css -#usr/share/doc/libvirt-4.6.0/html/migration-managed-direct.png -#usr/share/doc/libvirt-4.6.0/html/migration-managed-p2p.png -#usr/share/doc/libvirt-4.6.0/html/migration-native.png -#usr/share/doc/libvirt-4.6.0/html/migration-tunnel.png -#usr/share/doc/libvirt-4.6.0/html/migration-unmanaged-direct.png -#usr/share/doc/libvirt-4.6.0/html/migration.html -#usr/share/doc/libvirt-4.6.0/html/mobile.css -#usr/share/doc/libvirt-4.6.0/html/news-2005.html -#usr/share/doc/libvirt-4.6.0/html/news-2006.html -#usr/share/doc/libvirt-4.6.0/html/news-2007.html -#usr/share/doc/libvirt-4.6.0/html/news-2008.html -#usr/share/doc/libvirt-4.6.0/html/news-2009.html -#usr/share/doc/libvirt-4.6.0/html/news-2010.html -#usr/share/doc/libvirt-4.6.0/html/news-2011.html -#usr/share/doc/libvirt-4.6.0/html/news-2012.html -#usr/share/doc/libvirt-4.6.0/html/news-2013.html -#usr/share/doc/libvirt-4.6.0/html/news-2014.html -#usr/share/doc/libvirt-4.6.0/html/news-2015.html -#usr/share/doc/libvirt-4.6.0/html/news-2016.html -#usr/share/doc/libvirt-4.6.0/html/news.html -#usr/share/doc/libvirt-4.6.0/html/node.gif -#usr/share/doc/libvirt-4.6.0/html/nss.html -#usr/share/doc/libvirt-4.6.0/html/pci-hotplug.html -#usr/share/doc/libvirt-4.6.0/html/php.html -#usr/share/doc/libvirt-4.6.0/html/platforms.html -#usr/share/doc/libvirt-4.6.0/html/python.html -#usr/share/doc/libvirt-4.6.0/html/remote.html -#usr/share/doc/libvirt-4.6.0/html/secureusage.html -#usr/share/doc/libvirt-4.6.0/html/securityprocess.html -#usr/share/doc/libvirt-4.6.0/html/storage.html -#usr/share/doc/libvirt-4.6.0/html/support.html -#usr/share/doc/libvirt-4.6.0/html/testapi.html -#usr/share/doc/libvirt-4.6.0/html/testsuites.html -#usr/share/doc/libvirt-4.6.0/html/testtck.html -#usr/share/doc/libvirt-4.6.0/html/todo.html -#usr/share/doc/libvirt-4.6.0/html/uri.html -#usr/share/doc/libvirt-4.6.0/html/virshcmdref.html -#usr/share/doc/libvirt-4.6.0/html/windows.html +#usr/share/doc/libvirt-4.10.0 +#usr/share/doc/libvirt-4.10.0/html +#usr/share/doc/libvirt-4.10.0/html/32favicon.png +#usr/share/doc/libvirt-4.10.0/html/404.html +#usr/share/doc/libvirt-4.10.0/html/acl.html +#usr/share/doc/libvirt-4.10.0/html/aclpolkit.html +#usr/share/doc/libvirt-4.10.0/html/api.html +#usr/share/doc/libvirt-4.10.0/html/api_extension.html +#usr/share/doc/libvirt-4.10.0/html/apps.html +#usr/share/doc/libvirt-4.10.0/html/architecture.gif +#usr/share/doc/libvirt-4.10.0/html/architecture.html +#usr/share/doc/libvirt-4.10.0/html/auditlog.html +#usr/share/doc/libvirt-4.10.0/html/auth.html +#usr/share/doc/libvirt-4.10.0/html/bindings.html +#usr/share/doc/libvirt-4.10.0/html/bugs.html +#usr/share/doc/libvirt-4.10.0/html/cgroups.html +#usr/share/doc/libvirt-4.10.0/html/compiling.html +#usr/share/doc/libvirt-4.10.0/html/contact.html +#usr/share/doc/libvirt-4.10.0/html/contribute.html +#usr/share/doc/libvirt-4.10.0/html/csharp.html +#usr/share/doc/libvirt-4.10.0/html/dbus.html +#usr/share/doc/libvirt-4.10.0/html/devguide.html +#usr/share/doc/libvirt-4.10.0/html/docs.html +#usr/share/doc/libvirt-4.10.0/html/downloads.html +#usr/share/doc/libvirt-4.10.0/html/drivers.html +#usr/share/doc/libvirt-4.10.0/html/drvbhyve.html +#usr/share/doc/libvirt-4.10.0/html/drvesx.html +#usr/share/doc/libvirt-4.10.0/html/drvhyperv.html +#usr/share/doc/libvirt-4.10.0/html/drvlxc.html +#usr/share/doc/libvirt-4.10.0/html/drvnodedev.html +#usr/share/doc/libvirt-4.10.0/html/drvopenvz.html +#usr/share/doc/libvirt-4.10.0/html/drvphyp.html +#usr/share/doc/libvirt-4.10.0/html/drvqemu.html +#usr/share/doc/libvirt-4.10.0/html/drvremote.html +#usr/share/doc/libvirt-4.10.0/html/drvtest.html +#usr/share/doc/libvirt-4.10.0/html/drvuml.html +#usr/share/doc/libvirt-4.10.0/html/drvvbox.html +#usr/share/doc/libvirt-4.10.0/html/drvvirtuozzo.html +#usr/share/doc/libvirt-4.10.0/html/drvvmware.html +#usr/share/doc/libvirt-4.10.0/html/drvxen.html +#usr/share/doc/libvirt-4.10.0/html/errors.html +#usr/share/doc/libvirt-4.10.0/html/firewall.html +#usr/share/doc/libvirt-4.10.0/html/fonts +#usr/share/doc/libvirt-4.10.0/html/fonts/LICENSE.md +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-bold-italic.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-bold.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-italic.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-light-italic.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-light.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-mono-bold.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-mono-light.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-mono-regular.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-mono-semibold.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/overpass-regular.woff +#usr/share/doc/libvirt-4.10.0/html/fonts/stylesheet.css +#usr/share/doc/libvirt-4.10.0/html/format.html +#usr/share/doc/libvirt-4.10.0/html/formatcaps.html +#usr/share/doc/libvirt-4.10.0/html/formatdomain.html +#usr/share/doc/libvirt-4.10.0/html/formatdomaincaps.html +#usr/share/doc/libvirt-4.10.0/html/formatnetwork.html +#usr/share/doc/libvirt-4.10.0/html/formatnode.html +#usr/share/doc/libvirt-4.10.0/html/formatnwfilter.html +#usr/share/doc/libvirt-4.10.0/html/formatsecret.html +#usr/share/doc/libvirt-4.10.0/html/formatsnapshot.html +#usr/share/doc/libvirt-4.10.0/html/formatstorage.html +#usr/share/doc/libvirt-4.10.0/html/formatstorageencryption.html +#usr/share/doc/libvirt-4.10.0/html/generic.css +#usr/share/doc/libvirt-4.10.0/html/goals.html +#usr/share/doc/libvirt-4.10.0/html/governance.html +#usr/share/doc/libvirt-4.10.0/html/hacking.html +#usr/share/doc/libvirt-4.10.0/html/hooks.html +#usr/share/doc/libvirt-4.10.0/html/html +#usr/share/doc/libvirt-4.10.0/html/html/home.png +#usr/share/doc/libvirt-4.10.0/html/html/index.html +#usr/share/doc/libvirt-4.10.0/html/html/left.png +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-common.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-domain-snapshot.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-domain.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-event.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-host.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-interface.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-network.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-nodedev.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-nwfilter.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-secret.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-storage.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-libvirt-stream.html +#usr/share/doc/libvirt-4.10.0/html/html/libvirt-virterror.html +#usr/share/doc/libvirt-4.10.0/html/html/right.png +#usr/share/doc/libvirt-4.10.0/html/html/up.png +#usr/share/doc/libvirt-4.10.0/html/hvsupport.html +#usr/share/doc/libvirt-4.10.0/html/index.html +#usr/share/doc/libvirt-4.10.0/html/internals +#usr/share/doc/libvirt-4.10.0/html/internals.html +#usr/share/doc/libvirt-4.10.0/html/internals/command.html +#usr/share/doc/libvirt-4.10.0/html/internals/eventloop.html +#usr/share/doc/libvirt-4.10.0/html/internals/locking.html +#usr/share/doc/libvirt-4.10.0/html/internals/oomtesting.html +#usr/share/doc/libvirt-4.10.0/html/internals/rpc.html +#usr/share/doc/libvirt-4.10.0/html/java.html +#usr/share/doc/libvirt-4.10.0/html/libvirt-daemon-arch.png +#usr/share/doc/libvirt-4.10.0/html/libvirt-driver-arch.png +#usr/share/doc/libvirt-4.10.0/html/libvirt-object-model.png +#usr/share/doc/libvirt-4.10.0/html/libvirt.css +#usr/share/doc/libvirt-4.10.0/html/locking-lockd.html +#usr/share/doc/libvirt-4.10.0/html/locking-sanlock.html +#usr/share/doc/libvirt-4.10.0/html/locking.html +#usr/share/doc/libvirt-4.10.0/html/logging.html +#usr/share/doc/libvirt-4.10.0/html/logos +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-dark-256.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-dark-800.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-dark.svg +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-light-256.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-light-800.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-banner-light.svg +#usr/share/doc/libvirt-4.10.0/html/logos/logo-base.svg +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-128.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-192.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-256.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-96.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered-128.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered-192.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered-256.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered-96.png +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square-powered.svg +#usr/share/doc/libvirt-4.10.0/html/logos/logo-square.svg +#usr/share/doc/libvirt-4.10.0/html/main.css +#usr/share/doc/libvirt-4.10.0/html/migration-managed-direct.png +#usr/share/doc/libvirt-4.10.0/html/migration-managed-p2p.png +#usr/share/doc/libvirt-4.10.0/html/migration-native.png +#usr/share/doc/libvirt-4.10.0/html/migration-tunnel.png +#usr/share/doc/libvirt-4.10.0/html/migration-unmanaged-direct.png +#usr/share/doc/libvirt-4.10.0/html/migration.html +#usr/share/doc/libvirt-4.10.0/html/mobile.css +#usr/share/doc/libvirt-4.10.0/html/news-2005.html +#usr/share/doc/libvirt-4.10.0/html/news-2006.html +#usr/share/doc/libvirt-4.10.0/html/news-2007.html +#usr/share/doc/libvirt-4.10.0/html/news-2008.html +#usr/share/doc/libvirt-4.10.0/html/news-2009.html +#usr/share/doc/libvirt-4.10.0/html/news-2010.html +#usr/share/doc/libvirt-4.10.0/html/news-2011.html +#usr/share/doc/libvirt-4.10.0/html/news-2012.html +#usr/share/doc/libvirt-4.10.0/html/news-2013.html +#usr/share/doc/libvirt-4.10.0/html/news-2014.html +#usr/share/doc/libvirt-4.10.0/html/news-2015.html +#usr/share/doc/libvirt-4.10.0/html/news-2016.html +#usr/share/doc/libvirt-4.10.0/html/news.html +#usr/share/doc/libvirt-4.10.0/html/node.gif +#usr/share/doc/libvirt-4.10.0/html/nss.html +#usr/share/doc/libvirt-4.10.0/html/pci-hotplug.html +#usr/share/doc/libvirt-4.10.0/html/php.html +#usr/share/doc/libvirt-4.10.0/html/platforms.html +#usr/share/doc/libvirt-4.10.0/html/python.html +#usr/share/doc/libvirt-4.10.0/html/remote.html +#usr/share/doc/libvirt-4.10.0/html/secureusage.html +#usr/share/doc/libvirt-4.10.0/html/securityprocess.html +#usr/share/doc/libvirt-4.10.0/html/storage.html +#usr/share/doc/libvirt-4.10.0/html/support.html +#usr/share/doc/libvirt-4.10.0/html/testapi.html +#usr/share/doc/libvirt-4.10.0/html/testsuites.html +#usr/share/doc/libvirt-4.10.0/html/testtck.html +#usr/share/doc/libvirt-4.10.0/html/todo.html +#usr/share/doc/libvirt-4.10.0/html/uri.html +#usr/share/doc/libvirt-4.10.0/html/virshcmdref.html +#usr/share/doc/libvirt-4.10.0/html/windows.html #usr/share/gtk-doc/html/libvirt #usr/share/gtk-doc/html/libvirt/general.html #usr/share/gtk-doc/html/libvirt/home.png @@ -301,7 +301,64 @@ usr/share/libvirt/api/libvirt-admin-api.xml usr/share/libvirt/api/libvirt-api.xml usr/share/libvirt/api/libvirt-lxc-api.xml usr/share/libvirt/api/libvirt-qemu-api.xml -usr/share/libvirt/cpu_map.xml +#usr/share/libvirt/cpu_map +usr/share/libvirt/cpu_map/index.xml +usr/share/libvirt/cpu_map/ppc64_POWER6.xml +usr/share/libvirt/cpu_map/ppc64_POWER7.xml +usr/share/libvirt/cpu_map/ppc64_POWER8.xml +usr/share/libvirt/cpu_map/ppc64_POWER9.xml +usr/share/libvirt/cpu_map/ppc64_POWERPC_e5500.xml +usr/share/libvirt/cpu_map/ppc64_POWERPC_e6500.xml +usr/share/libvirt/cpu_map/ppc64_vendors.xml +usr/share/libvirt/cpu_map/x86_486.xml +usr/share/libvirt/cpu_map/x86_Broadwell-IBRS.xml +usr/share/libvirt/cpu_map/x86_Broadwell-noTSX-IBRS.xml +usr/share/libvirt/cpu_map/x86_Broadwell-noTSX.xml +usr/share/libvirt/cpu_map/x86_Broadwell.xml +usr/share/libvirt/cpu_map/x86_Conroe.xml +usr/share/libvirt/cpu_map/x86_EPYC-IBRS.xml +usr/share/libvirt/cpu_map/x86_EPYC.xml +usr/share/libvirt/cpu_map/x86_Haswell-IBRS.xml +usr/share/libvirt/cpu_map/x86_Haswell-noTSX-IBRS.xml +usr/share/libvirt/cpu_map/x86_Haswell-noTSX.xml +usr/share/libvirt/cpu_map/x86_Haswell.xml +usr/share/libvirt/cpu_map/x86_Icelake-Client.xml +usr/share/libvirt/cpu_map/x86_Icelake-Server.xml +usr/share/libvirt/cpu_map/x86_IvyBridge-IBRS.xml +usr/share/libvirt/cpu_map/x86_IvyBridge.xml +usr/share/libvirt/cpu_map/x86_Nehalem-IBRS.xml +usr/share/libvirt/cpu_map/x86_Nehalem.xml +usr/share/libvirt/cpu_map/x86_Opteron_G1.xml +usr/share/libvirt/cpu_map/x86_Opteron_G2.xml +usr/share/libvirt/cpu_map/x86_Opteron_G3.xml +usr/share/libvirt/cpu_map/x86_Opteron_G4.xml +usr/share/libvirt/cpu_map/x86_Opteron_G5.xml +usr/share/libvirt/cpu_map/x86_Penryn.xml +usr/share/libvirt/cpu_map/x86_SandyBridge-IBRS.xml +usr/share/libvirt/cpu_map/x86_SandyBridge.xml +usr/share/libvirt/cpu_map/x86_Skylake-Client-IBRS.xml +usr/share/libvirt/cpu_map/x86_Skylake-Client.xml +usr/share/libvirt/cpu_map/x86_Skylake-Server-IBRS.xml +usr/share/libvirt/cpu_map/x86_Skylake-Server.xml +usr/share/libvirt/cpu_map/x86_Westmere-IBRS.xml +usr/share/libvirt/cpu_map/x86_Westmere.xml +usr/share/libvirt/cpu_map/x86_athlon.xml +usr/share/libvirt/cpu_map/x86_core2duo.xml +usr/share/libvirt/cpu_map/x86_coreduo.xml +usr/share/libvirt/cpu_map/x86_cpu64-rhel5.xml +usr/share/libvirt/cpu_map/x86_cpu64-rhel6.xml +usr/share/libvirt/cpu_map/x86_features.xml +usr/share/libvirt/cpu_map/x86_kvm32.xml +usr/share/libvirt/cpu_map/x86_kvm64.xml +usr/share/libvirt/cpu_map/x86_n270.xml +usr/share/libvirt/cpu_map/x86_pentium.xml +usr/share/libvirt/cpu_map/x86_pentium2.xml +usr/share/libvirt/cpu_map/x86_pentium3.xml +usr/share/libvirt/cpu_map/x86_pentiumpro.xml +usr/share/libvirt/cpu_map/x86_phenom.xml +usr/share/libvirt/cpu_map/x86_qemu32.xml +usr/share/libvirt/cpu_map/x86_qemu64.xml +usr/share/libvirt/cpu_map/x86_vendors.xml #usr/share/libvirt/schemas usr/share/libvirt/schemas/basictypes.rng usr/share/libvirt/schemas/capability.rng diff --git a/config/rootfiles/packages/mc b/config/rootfiles/packages/mc index 4733af6fa..06c536ed4 100644 --- a/config/rootfiles/packages/mc +++ b/config/rootfiles/packages/mc @@ -179,6 +179,7 @@ usr/share/mc/syntax/m4.syntax usr/share/mc/syntax/mail.syntax usr/share/mc/syntax/makefile.syntax usr/share/mc/syntax/markdown.syntax +usr/share/mc/syntax/meson.syntax usr/share/mc/syntax/ml.syntax usr/share/mc/syntax/named.syntax usr/share/mc/syntax/nemerle.syntax @@ -198,6 +199,7 @@ usr/share/mc/syntax/puppet.syntax usr/share/mc/syntax/python.syntax usr/share/mc/syntax/r.syntax usr/share/mc/syntax/ruby.syntax +usr/share/mc/syntax/rust.syntax usr/share/mc/syntax/sh.syntax usr/share/mc/syntax/slang.syntax usr/share/mc/syntax/smalltalk.syntax diff --git a/config/u-boot/boot.cmd b/config/u-boot/boot.cmd index 5184e6f87..2ba403824 100644 --- a/config/u-boot/boot.cmd +++ b/config/u-boot/boot.cmd @@ -39,7 +39,7 @@ if test "${SERIAL-CONSOLE}" =3D "ON"; then if test ${console} =3D ""; then if test "${board}" =3D "rpi"; then if test ${cpu} =3D "armv8"; then - if test "${fdtfile}" =3D "boradcom/bcm2837-rpi-3-b-plus.dtb"; then + if test "${fdtfile}" =3D "broadcom/bcm2837-rpi-3-b-plus.dtb"; then setenv console ttyS1,115200n8; else if test "${fdtfile}" =3D "broadcom/bcm2837-rpi-3-b.dtb"; then diff --git a/config/u-boot/boot.scr b/config/u-boot/boot.scr index d9395c0ae..2c81cef76 100644 Binary files a/config/u-boot/boot.scr and b/config/u-boot/boot.scr differ diff --git a/doc/language_issues.de b/doc/language_issues.de index e2048d7d1..c5dad0168 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -45,9 +45,24 @@ WARNING: translation string unused: addon WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrict= ions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,13 +71,27 @@ WARNING: translation string unused: advproxy chgwebpwd ne= w password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -703,7 +732,6 @@ WARNING: translation string unused: yearly firewallhits WARNING: untranslated string: Scan for Songs =3D unknown string WARNING: untranslated string: addons =3D Addons WARNING: untranslated string: bytes =3D unknown string -WARNING: untranslated string: captive =3D unknown string WARNING: untranslated string: community rules =3D Snort/VRT GPLv2 Community = Rules WARNING: untranslated string: dead peer detection =3D Dead Peer Detection WARNING: untranslated string: emerging rules =3D Emergingthreats.net Communi= ty Rules diff --git a/doc/language_issues.en b/doc/language_issues.en index 228b685f8..3e16e2180 100644 --- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -121,13 +121,11 @@ WARNING: untranslated string: advproxy AUTH method iden= t =3D identd WARNING: untranslated string: advproxy AUTH method ldap =3D LDAP WARNING: untranslated string: advproxy AUTH method ncsa =3D Local WARNING: untranslated string: advproxy AUTH method none =3D None -WARNING: untranslated string: advproxy AUTH method ntlm =3D Windows NT4 Doma= in WARNING: untranslated string: advproxy AUTH method ntlm auth =3D Windows Act= ive Directory WARNING: untranslated string: advproxy AUTH method radius =3D RADIUS WARNING: untranslated string: advproxy AUTH no auth =3D Domains without auth= entication (one per line) WARNING: untranslated string: advproxy AUTH number of auth processes =3D Num= ber of authentication processes WARNING: untranslated string: advproxy AUTH realm =3D Authentication realm p= rompt -WARNING: untranslated string: advproxy AUTH user IP cache TTL =3D User/IP ca= che TTL (in minutes) WARNING: untranslated string: advproxy IDENT authorized users =3D Authorized= users (one per line) WARNING: untranslated string: advproxy IDENT aware hosts =3D Ident aware hos= ts (one per line) WARNING: untranslated string: advproxy IDENT identd settings =3D Common iden= td settings @@ -169,17 +167,6 @@ WARNING: untranslated string: advproxy NCSA update user = =3D Update user WARNING: untranslated string: advproxy NCSA user accounts =3D User accounts WARNING: untranslated string: advproxy NCSA user management =3D User managem= ent WARNING: untranslated string: advproxy NCSA username =3D Username -WARNING: untranslated string: advproxy NTLM BDC hostname =3D BDC hostname -WARNING: untranslated string: advproxy NTLM PDC hostname =3D PDC hostname -WARNING: untranslated string: advproxy NTLM auth mode =3D Authentication mode -WARNING: untranslated string: advproxy NTLM authorized users =3D Authorized = domain users (one per line) -WARNING: untranslated string: advproxy NTLM domain =3D Domain -WARNING: untranslated string: advproxy NTLM domain settings =3D Common domai= n settings -WARNING: untranslated string: advproxy NTLM unauthorized users =3D Unauthori= zed domain users (one per line) -WARNING: untranslated string: advproxy NTLM use integrated auth =3D Enable W= indows integrated authentication -WARNING: untranslated string: advproxy NTLM use negative access list =3D Use= negative access control -WARNING: untranslated string: advproxy NTLM use positive access list =3D Use= positive access control -WARNING: untranslated string: advproxy NTLM user based access restrictions = =3D User based access restrictions WARNING: untranslated string: advproxy RADIUS authorized users =3D Authorize= d users (one per line) WARNING: untranslated string: advproxy RADIUS identifier =3D Identifier WARNING: untranslated string: advproxy RADIUS port =3D Port @@ -190,13 +177,11 @@ WARNING: untranslated string: advproxy RADIUS unauthori= zed users =3D Unauthorized WARNING: untranslated string: advproxy RADIUS use negative access list =3D U= se negative access control WARNING: untranslated string: advproxy RADIUS use positive access list =3D U= se positive access control WARNING: untranslated string: advproxy RADIUS user based access restrictions= =3D User based access restrictions -WARNING: untranslated string: advproxy UA enable filter =3D Enable browser c= heck WARNING: untranslated string: advproxy access =3D Access WARNING: untranslated string: advproxy admin mail =3D Cache administrator e-= mail WARNING: untranslated string: advproxy advanced web proxy =3D Advanced Web P= roxy WARNING: untranslated string: advproxy advanced web proxy configuration =3D = Advanced web proxy configuration WARNING: untranslated string: advproxy allowed subnets =3D Allowed subnets (= one per line) -WARNING: untranslated string: advproxy allowed web browsers =3D Allowed clie= nts for web access WARNING: untranslated string: advproxy back to main page =3D Back to main pa= ge WARNING: untranslated string: advproxy banned ip clients =3D Banned IP addre= sses (one per line) WARNING: untranslated string: advproxy banned mac clients =3D Banned MAC add= resses (one per line) @@ -208,7 +193,6 @@ WARNING: untranslated string: advproxy classroom extensio= ns =3D Classroom extensio WARNING: untranslated string: advproxy clear cache =3D Clear Cache WARNING: untranslated string: advproxy client IP forwarding =3D Client IP ad= dress forwarding WARNING: untranslated string: advproxy common settings =3D Common settings -WARNING: untranslated string: advproxy content based throttling =3D Enable c= ontent based throttling WARNING: untranslated string: advproxy cre disabled =3D The management inter= face has been disabled by the administrator WARNING: untranslated string: advproxy cre group definitions =3D Classroom g= roup definitions WARNING: untranslated string: advproxy cre supervisors =3D Supervisor IP add= resses (one per line) @@ -220,15 +204,12 @@ WARNING: untranslated string: advproxy errmsg acl canno= t be empty =3D Access contr WARNING: untranslated string: advproxy errmsg auth cache ttl =3D Invalid val= ue for authentication cache TTL WARNING: untranslated string: advproxy errmsg auth children =3D Invalid numb= er of authentication processes WARNING: untranslated string: advproxy errmsg auth ipcache may not be null = =3D Authentication cache TTL may not be 0 when using IP address limits -WARNING: untranslated string: advproxy errmsg auth ipcache ttl =3D Invalid v= alue for user/IP cache TTL WARNING: untranslated string: advproxy errmsg cache =3D The RAM cache size i= s greater than the harddisk cache size: WARNING: untranslated string: advproxy errmsg hdd cache size =3D Invalid val= ue for harddisk cache size (min 10 MB required) WARNING: untranslated string: advproxy errmsg ident timeout =3D Invalid iden= t timeout -WARNING: untranslated string: advproxy errmsg invalid bdc =3D Invalid hostna= me for backup domain controller WARNING: untranslated string: advproxy errmsg invalid destination port =3D I= nvalid destination port WARNING: untranslated string: advproxy errmsg invalid ip or mask =3D Invalid= IP address or network mask WARNING: untranslated string: advproxy errmsg invalid mac =3D Invalid MAC ad= dress -WARNING: untranslated string: advproxy errmsg invalid pdc =3D Invalid hostna= me for primary domain controller WARNING: untranslated string: advproxy errmsg invalid proxy port =3D Invalid= proxy port WARNING: untranslated string: advproxy errmsg invalid upstream proxy =3D Inv= alid upstream proxy IP/hostname WARNING: untranslated string: advproxy errmsg invalid upstream proxy usernam= e or password setting =3D Invalid upstream proxy username or password setting @@ -238,11 +219,8 @@ WARNING: untranslated string: advproxy errmsg ldap port = =3D Invalid LDAP port numb WARNING: untranslated string: advproxy errmsg ldap server =3D Invalid IP add= ress/hostname for LDAP Server WARNING: untranslated string: advproxy errmsg max userip =3D Invalid number = of IP addresses per user WARNING: untranslated string: advproxy errmsg mem cache size =3D Invalid val= ue for memory cache size -WARNING: untranslated string: advproxy errmsg no browser =3D At least one br= owser or client must be selected for web access WARNING: untranslated string: advproxy errmsg no username =3D Username can n= ot be empty WARNING: untranslated string: advproxy errmsg non-transparent proxy required= =3D Web proxy must be running in non-transparent mode for authentication -WARNING: untranslated string: advproxy errmsg ntlm domain =3D Windows domain= name required -WARNING: untranslated string: advproxy errmsg ntlm pdc =3D Hostname for prim= ary domain controller required WARNING: untranslated string: advproxy errmsg password length =3D Invalid va= lue for password length WARNING: untranslated string: advproxy errmsg password length 1 =3D Password= must have at least=20 WARNING: untranslated string: advproxy errmsg password length 2 =3D charact= ers @@ -261,7 +239,6 @@ WARNING: untranslated string: advproxy from =3D From WARNING: untranslated string: advproxy group access control =3D Group based = access control WARNING: untranslated string: advproxy group required =3D Required group WARNING: untranslated string: advproxy hdd cache size =3D Harddisk cache siz= e (MB) -WARNING: untranslated string: advproxy invalid num of children =3D Invalid n= umber of filter processes WARNING: untranslated string: advproxy log enabled =3D Log enabled WARNING: untranslated string: advproxy log query =3D Log query terms WARNING: untranslated string: advproxy log settings =3D Log settings @@ -276,7 +253,6 @@ WARNING: untranslated string: advproxy mode deny =3D deny WARNING: untranslated string: advproxy monday =3D Mon WARNING: untranslated string: advproxy network based access =3D Network base= d access control WARNING: untranslated string: advproxy no cache sites =3D Do not cache these= domains (one per line) -WARNING: untranslated string: advproxy no clients defined =3D No clients def= ined WARNING: untranslated string: advproxy no connection auth =3D No connection = oriented authentication forwarding WARNING: untranslated string: advproxy no cre groups =3D There are no access= groups available WARNING: untranslated string: advproxy no internal proxy on blue =3D Disable= internal proxy access from BLUE to other subnets @@ -289,7 +265,6 @@ WARNING: untranslated string: advproxy privacy =3D Privacy WARNING: untranslated string: advproxy proxy port =3D Proxy port WARNING: untranslated string: advproxy proxy port transparent =3D Transparen= t port WARNING: untranslated string: advproxy ram cache size =3D Memory cache size = (MB) -WARNING: untranslated string: advproxy redirector children =3D Number of fil= ter processes WARNING: untranslated string: advproxy reset =3D Reset WARNING: untranslated string: advproxy saturday =3D Sat WARNING: untranslated string: advproxy save and restart =3D Save and Restart @@ -301,9 +276,6 @@ WARNING: untranslated string: advproxy standard ports =3D= Allowed standard ports ( WARNING: untranslated string: advproxy sunday =3D Sun WARNING: untranslated string: advproxy supervisor password =3D Supervisor pa= ssword WARNING: untranslated string: advproxy suppress version =3D Suppress version= information -WARNING: untranslated string: advproxy throttle binary =3D Binary files -WARNING: untranslated string: advproxy throttle dskimg =3D CD images -WARNING: untranslated string: advproxy throttle mmedia =3D Multimedia WARNING: untranslated string: advproxy throttling per host on =3D Limit per = host on WARNING: untranslated string: advproxy throttling total on =3D Overall limit= on WARNING: untranslated string: advproxy throttling unlimited =3D unlimited @@ -325,7 +297,6 @@ WARNING: untranslated string: advproxy url filter =3D URL= filter WARNING: untranslated string: advproxy username forwarding =3D Username forw= arding WARNING: untranslated string: advproxy via forwarding =3D Proxy address forw= arding WARNING: untranslated string: advproxy visible hostname =3D Visible hostname -WARNING: untranslated string: advproxy web browser =3D Web browser WARNING: untranslated string: advproxy wednesday =3D Wed WARNING: untranslated string: age second =3D second WARNING: untranslated string: aktiv =3D Active @@ -433,7 +404,6 @@ WARNING: untranslated string: capsclosed =3D DISCONNECTED WARNING: untranslated string: capsopen =3D CONNECTED WARNING: untranslated string: capswarning =3D WARNING WARNING: untranslated string: caption =3D Caption -WARNING: untranslated string: captive =3D unknown string WARNING: untranslated string: ccd add =3D Add network WARNING: untranslated string: ccd choose net =3D Choose network WARNING: untranslated string: ccd client options =3D Advanced client options @@ -650,7 +620,7 @@ WARNING: untranslated string: dnsforward add a new entry = =3D Add a new entry WARNING: untranslated string: dnsforward configuration =3D DNS forward confi= guration WARNING: untranslated string: dnsforward edit an entry =3D Edit an existing = entry WARNING: untranslated string: dnsforward entries =3D Current entries -WARNING: untranslated string: dnsforward forward_server =3D Nameserver +WARNING: untranslated string: dnsforward forward_servers =3D Nameservers WARNING: untranslated string: dnsforward zone =3D Zone WARNING: untranslated string: dnssec aware =3D DNSSEC Aware WARNING: untranslated string: dnssec disabled warning =3D WARNING: DNSSEC ha= s been disabled @@ -1120,6 +1090,7 @@ WARNING: untranslated string: invalid input for remote = host/ip =3D Invalid input f WARNING: untranslated string: invalid input for state or province =3D Invali= d input for state or province. WARNING: untranslated string: invalid input for valid till days =3D Invalid = input for Valid till (days). WARNING: untranslated string: invalid ip =3D Invalid IP Address +WARNING: untranslated string: invalid ip or hostname =3D Invalid IP Address = or Hostname WARNING: untranslated string: invalid keep time =3D Keep time must be a vali= d number WARNING: untranslated string: invalid key =3D Invalid key. WARNING: untranslated string: invalid local-remote id =3D local & remote id = must not be equal and begin with a "@" sign. These are leftid and rightid in = strongswan terminology. @@ -1638,7 +1609,7 @@ WARNING: untranslated string: ssh login time =3D Logged= in since WARNING: untranslated string: ssh no active logins =3D No active logins WARNING: untranslated string: ssh no auth =3D You have not allowed any authe= ntication methods; this will stop you logging in WARNING: untranslated string: ssh passwords =3D Allow password based authent= ication -WARNING: untranslated string: ssh port =3D SSH port set to 222 (default is 2= 2) +WARNING: untranslated string: ssh port =3D Set SSH port to default 22 (222 i= s used otherwise) WARNING: untranslated string: ssh portfw =3D Allow TCP forwarding WARNING: untranslated string: ssh tempstart15 =3D Stop SSH demon in 15 minut= es WARNING: untranslated string: ssh tempstart30 =3D Stop SSH demon in 30 minut= es diff --git a/doc/language_issues.es b/doc/language_issues.es index 01315971b..236248d55 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -22,9 +22,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrict= ions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -33,14 +47,28 @@ WARNING: translation string unused: advproxy chgwebpwd ne= w password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -670,7 +698,6 @@ WARNING: untranslated string: Set time on boot =3D Force = setting the system clock WARNING: untranslated string: addons =3D Addons WARNING: untranslated string: administrator password =3D Administrator passw= ord WARNING: untranslated string: administrator username =3D Administrator usern= ame -WARNING: untranslated string: advproxy AUTH method ntlm =3D Windows NT4 Doma= in WARNING: untranslated string: advproxy AUTH method ntlm auth =3D Windows Act= ive Directory WARNING: untranslated string: advproxy basic authentication =3D Allow HTTP B= asic authentication WARNING: untranslated string: advproxy cache-digest =3D Enable Cache-Digest = Generation @@ -688,7 +715,6 @@ WARNING: untranslated string: bit =3D bit WARNING: untranslated string: block =3D Block WARNING: untranslated string: bytes =3D unknown string WARNING: untranslated string: capabilities =3D Capabilities -WARNING: untranslated string: captive =3D unknown string WARNING: untranslated string: ccd add =3D Add network WARNING: untranslated string: ccd choose net =3D Choose network WARNING: untranslated string: ccd client options =3D Advanced client options @@ -755,7 +781,7 @@ WARNING: untranslated string: dnsforward add a new entry = =3D Add a new entry WARNING: untranslated string: dnsforward configuration =3D DNS forward confi= guration WARNING: untranslated string: dnsforward edit an entry =3D Edit an existing = entry WARNING: untranslated string: dnsforward entries =3D Current entries -WARNING: untranslated string: dnsforward forward_server =3D Nameserver +WARNING: untranslated string: dnsforward forward_servers =3D Nameservers WARNING: untranslated string: dnsforward zone =3D Zone WARNING: untranslated string: dnssec aware =3D DNSSEC Aware WARNING: untranslated string: dnssec disabled warning =3D WARNING: DNSSEC ha= s been disabled @@ -1028,6 +1054,7 @@ WARNING: untranslated string: invalid input for dpd del= ay =3D Invalid input for DP WARNING: untranslated string: invalid input for dpd timeout =3D Invalid inpu= t for DPD timeout WARNING: untranslated string: invalid input for inactivity timeout =3D Inval= id input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days =3D Invalid = input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname =3D Invalid IP Address = or Hostname WARNING: untranslated string: invalid logserver protocol =3D Invalid syslogd= server protocol WARNING: untranslated string: ipsec =3D IPsec WARNING: untranslated string: ipsec network =3D IPsec network diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 3fd7f35c4..e2f20eb5c 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -45,9 +45,24 @@ WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrict= ions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,14 +71,28 @@ WARNING: translation string unused: advproxy chgwebpwd ne= w password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -195,6 +224,7 @@ WARNING: translation string unused: dmz pinhole rule added WARNING: translation string unused: dmz pinhole rule removed WARNING: translation string unused: dmzpinholes for same net not necessary WARNING: translation string unused: dns server +WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set WARNING: translation string unused: donation-link @@ -507,7 +537,6 @@ WARNING: translation string unused: ovpn mtu-disc with ms= sfix or fragment WARNING: translation string unused: ovpn mtu-disc yes WARNING: translation string unused: ovpn reneg sec WARNING: translation string unused: ovpn_fastio -WARNING: translation string unused: ovpn_fragment WARNING: translation string unused: ovpn_mssfix WARNING: translation string unused: ovpn_mtudisc WARNING: translation string unused: ovpn_processprio @@ -741,7 +770,7 @@ WARNING: translation string unused: yearly firewallhits WARNING: untranslated string: Captive clients =3D unknown string WARNING: untranslated string: Scan for Songs =3D unknown string WARNING: untranslated string: bytes =3D unknown string -WARNING: untranslated string: captive =3D unknown string +WARNING: untranslated string: dnsforward forward_servers =3D Nameservers WARNING: untranslated string: fwhost cust geoipgrp =3D unknown string WARNING: untranslated string: fwhost err hostip =3D unknown string WARNING: untranslated string: guardian block a host =3D unknown string @@ -781,13 +810,11 @@ WARNING: untranslated string: guardian service =3D unkn= own string WARNING: untranslated string: guardian watch snort alertfile =3D unknown str= ing WARNING: untranslated string: ike lifetime should be between 1 and 8 hours = =3D unknown string WARNING: untranslated string: info messages =3D unknown string +WARNING: untranslated string: invalid ip or hostname =3D Invalid IP Address = or Hostname WARNING: untranslated string: no data =3D unknown string -WARNING: untranslated string: ovpn warning rfc3280 =3D Your host certificate= is not RFC3280 compliant.
Please update to the latest IPFire version and= generate as soon as possible a new root and host certificate.

All Op= enVPN clients needs then to be renewed!
WARNING: untranslated string: pakfire ago =3D ago. WARNING: untranslated string: route config changed =3D unknown string WARNING: untranslated string: routing config added =3D unknown string WARNING: untranslated string: routing config changed =3D unknown string WARNING: untranslated string: routing table =3D unknown string WARNING: untranslated string: vpn statistics n2n =3D unknown string -WARNING: untranslated string: wlanap neighbor scan =3D Neighborhood scan -WARNING: untranslated string: wlanap neighbor scan warning =3D Warning! Disa= bling may violate regulatory rules! diff --git a/doc/language_issues.it b/doc/language_issues.it index 1a1b283c0..5500eedc9 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it @@ -23,9 +23,24 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrict= ions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +49,28 @@ WARNING: translation string unused: advproxy chgwebpwd ne= w password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -173,6 +202,7 @@ WARNING: translation string unused: dmz pinhole rule added WARNING: translation string unused: dmz pinhole rule removed WARNING: translation string unused: dmzpinholes for same net not necessary WARNING: translation string unused: dns server +WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set WARNING: translation string unused: donation-link @@ -756,7 +786,6 @@ WARNING: untranslated string: advproxy group required =3D= Required group WARNING: untranslated string: application layer gateways =3D Application Lay= er Gateways WARNING: untranslated string: block =3D Block WARNING: untranslated string: bytes =3D unknown string -WARNING: untranslated string: captive =3D unknown string WARNING: untranslated string: check all =3D Check all WARNING: untranslated string: crypto error =3D Cryptographic error WARNING: untranslated string: crypto warning =3D Cryptographic warning @@ -766,6 +795,7 @@ WARNING: untranslated string: dhcp dns update =3D DNS Upd= ate WARNING: untranslated string: dhcp dns update algo =3D Algorithm: WARNING: untranslated string: dhcp dns update secret =3D Secret: WARNING: untranslated string: dl client arch insecure =3D Download insecure = Client Package (zip) +WARNING: untranslated string: dnsforward forward_servers =3D Nameservers WARNING: untranslated string: dnssec disabled warning =3D WARNING: DNSSEC ha= s been disabled WARNING: untranslated string: eight hours =3D 8 Hours WARNING: untranslated string: email config =3D Configuration @@ -856,6 +886,7 @@ WARNING: untranslated string: incoming overhead in bytes = per second =3D Incoming O WARNING: untranslated string: info messages =3D unknown string WARNING: untranslated string: invalid input for inactivity timeout =3D Inval= id input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days =3D Invalid = input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname =3D Invalid IP Address = or Hostname WARNING: untranslated string: invalid logserver protocol =3D Invalid syslogd= server protocol WARNING: untranslated string: log server protocol =3D protocol: WARNING: untranslated string: masquerade blue =3D Masquerade BLUE diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 0de2a0f17..64778ffd7 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -23,9 +23,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrict= ions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +48,28 @@ WARNING: translation string unused: advproxy chgwebpwd ne= w password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -172,6 +200,7 @@ WARNING: translation string unused: dmz pinhole rule added WARNING: translation string unused: dmz pinhole rule removed WARNING: translation string unused: dmzpinholes for same net not necessary WARNING: translation string unused: dns server +WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set WARNING: translation string unused: donation-link @@ -745,7 +774,6 @@ WARNING: untranslated string: Number of Countries for the= pie chart =3D Number of WARNING: untranslated string: Scan for Songs =3D unknown string WARNING: untranslated string: administrator password =3D Administrator passw= ord WARNING: untranslated string: administrator username =3D Administrator usern= ame -WARNING: untranslated string: advproxy AUTH method ntlm =3D Windows NT4 Doma= in WARNING: untranslated string: advproxy AUTH method ntlm auth =3D Windows Act= ive Directory WARNING: untranslated string: advproxy basic authentication =3D Allow HTTP B= asic authentication WARNING: untranslated string: advproxy group access control =3D Group based = access control @@ -755,7 +783,6 @@ WARNING: untranslated string: atm device =3D Device: WARNING: untranslated string: block =3D Block WARNING: untranslated string: bytes =3D unknown string WARNING: untranslated string: capabilities =3D Capabilities -WARNING: untranslated string: captive =3D unknown string WARNING: untranslated string: check all =3D Check all WARNING: untranslated string: crypto error =3D Cryptographic error WARNING: untranslated string: crypto warning =3D Cryptographic warning @@ -772,6 +799,7 @@ WARNING: untranslated string: dhcp dns update algo =3D Al= gorithm: WARNING: untranslated string: dhcp dns update secret =3D Secret: WARNING: untranslated string: dl client arch insecure =3D Download insecure = Client Package (zip) WARNING: untranslated string: dns servers =3D DNS Servers +WARNING: untranslated string: dnsforward forward_servers =3D Nameservers WARNING: untranslated string: dnssec aware =3D DNSSEC Aware WARNING: untranslated string: dnssec disabled warning =3D WARNING: DNSSEC ha= s been disabled WARNING: untranslated string: dnssec information =3D DNSSEC Information @@ -872,6 +900,7 @@ WARNING: untranslated string: incoming overhead in bytes = per second =3D Incoming O WARNING: untranslated string: info messages =3D unknown string WARNING: untranslated string: invalid input for inactivity timeout =3D Inval= id input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days =3D Invalid = input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname =3D Invalid IP Address = or Hostname WARNING: untranslated string: invalid logserver protocol =3D Invalid syslogd= server protocol WARNING: untranslated string: log server protocol =3D protocol: WARNING: untranslated string: masquerade blue =3D Masquerade BLUE diff --git a/doc/language_issues.pl b/doc/language_issues.pl index 01315971b..236248d55 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -22,9 +22,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrict= ions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -33,14 +47,28 @@ WARNING: translation string unused: advproxy chgwebpwd ne= w password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -670,7 +698,6 @@ WARNING: untranslated string: Set time on boot =3D Force = setting the system clock WARNING: untranslated string: addons =3D Addons WARNING: untranslated string: administrator password =3D Administrator passw= ord WARNING: untranslated string: administrator username =3D Administrator usern= ame -WARNING: untranslated string: advproxy AUTH method ntlm =3D Windows NT4 Doma= in WARNING: untranslated string: advproxy AUTH method ntlm auth =3D Windows Act= ive Directory WARNING: untranslated string: advproxy basic authentication =3D Allow HTTP B= asic authentication WARNING: untranslated string: advproxy cache-digest =3D Enable Cache-Digest = Generation @@ -688,7 +715,6 @@ WARNING: untranslated string: bit =3D bit WARNING: untranslated string: block =3D Block WARNING: untranslated string: bytes =3D unknown string WARNING: untranslated string: capabilities =3D Capabilities -WARNING: untranslated string: captive =3D unknown string WARNING: untranslated string: ccd add =3D Add network WARNING: untranslated string: ccd choose net =3D Choose network WARNING: untranslated string: ccd client options =3D Advanced client options @@ -755,7 +781,7 @@ WARNING: untranslated string: dnsforward add a new entry = =3D Add a new entry WARNING: untranslated string: dnsforward configuration =3D DNS forward confi= guration WARNING: untranslated string: dnsforward edit an entry =3D Edit an existing = entry WARNING: untranslated string: dnsforward entries =3D Current entries -WARNING: untranslated string: dnsforward forward_server =3D Nameserver +WARNING: untranslated string: dnsforward forward_servers =3D Nameservers WARNING: untranslated string: dnsforward zone =3D Zone WARNING: untranslated string: dnssec aware =3D DNSSEC Aware WARNING: untranslated string: dnssec disabled warning =3D WARNING: DNSSEC ha= s been disabled @@ -1028,6 +1054,7 @@ WARNING: untranslated string: invalid input for dpd del= ay =3D Invalid input for DP WARNING: untranslated string: invalid input for dpd timeout =3D Invalid inpu= t for DPD timeout WARNING: untranslated string: invalid input for inactivity timeout =3D Inval= id input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days =3D Invalid = input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname =3D Invalid IP Address = or Hostname WARNING: untranslated string: invalid logserver protocol =3D Invalid syslogd= server protocol WARNING: untranslated string: ipsec =3D IPsec WARNING: untranslated string: ipsec network =3D IPsec network diff --git a/doc/language_issues.ru b/doc/language_issues.ru index ca75c0b29..810b16f50 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru @@ -23,9 +23,23 @@ WARNING: translation string unused: add xtaccess WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrict= ions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -34,14 +48,28 @@ WARNING: translation string unused: advproxy chgwebpwd ne= w password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: alcatelusb help WARNING: translation string unused: alcatelusb upload @@ -672,7 +700,6 @@ WARNING: untranslated string: Scan for Songs =3D unknown = string WARNING: untranslated string: addons =3D Addons WARNING: untranslated string: administrator password =3D Administrator passw= ord WARNING: untranslated string: administrator username =3D Administrator usern= ame -WARNING: untranslated string: advproxy AUTH method ntlm =3D Windows NT4 Doma= in WARNING: untranslated string: advproxy AUTH method ntlm auth =3D Windows Act= ive Directory WARNING: untranslated string: advproxy basic authentication =3D Allow HTTP B= asic authentication WARNING: untranslated string: advproxy cache-digest =3D Enable Cache-Digest = Generation @@ -690,7 +717,6 @@ WARNING: untranslated string: bit =3D bit WARNING: untranslated string: block =3D Block WARNING: untranslated string: bytes =3D unknown string WARNING: untranslated string: capabilities =3D Capabilities -WARNING: untranslated string: captive =3D unknown string WARNING: untranslated string: ccd add =3D Add network WARNING: untranslated string: ccd choose net =3D Choose network WARNING: untranslated string: ccd client options =3D Advanced client options @@ -759,7 +785,7 @@ WARNING: untranslated string: dnsforward add a new entry = =3D Add a new entry WARNING: untranslated string: dnsforward configuration =3D DNS forward confi= guration WARNING: untranslated string: dnsforward edit an entry =3D Edit an existing = entry WARNING: untranslated string: dnsforward entries =3D Current entries -WARNING: untranslated string: dnsforward forward_server =3D Nameserver +WARNING: untranslated string: dnsforward forward_servers =3D Nameservers WARNING: untranslated string: dnsforward zone =3D Zone WARNING: untranslated string: dnssec aware =3D DNSSEC Aware WARNING: untranslated string: dnssec disabled warning =3D WARNING: DNSSEC ha= s been disabled @@ -1030,6 +1056,7 @@ WARNING: untranslated string: invalid input for dpd del= ay =3D Invalid input for DP WARNING: untranslated string: invalid input for dpd timeout =3D Invalid inpu= t for DPD timeout WARNING: untranslated string: invalid input for inactivity timeout =3D Inval= id input for Inactivity Timeout WARNING: untranslated string: invalid input for valid till days =3D Invalid = input for Valid till (days). +WARNING: untranslated string: invalid ip or hostname =3D Invalid IP Address = or Hostname WARNING: untranslated string: invalid logserver protocol =3D Invalid syslogd= server protocol WARNING: untranslated string: ipsec =3D IPsec WARNING: untranslated string: ipsec network =3D IPsec network diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 6a79d65a4..140658346 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -45,9 +45,24 @@ WARNING: translation string unused: add-route WARNING: translation string unused: admin user password has been changed WARNING: translation string unused: administrator user password WARNING: translation string unused: adsl settings +WARNING: translation string unused: advproxy AUTH method ntlm +WARNING: translation string unused: advproxy AUTH user IP cache TTL WARNING: translation string unused: advproxy LDAP auth +WARNING: translation string unused: advproxy NTLM BDC hostname +WARNING: translation string unused: advproxy NTLM PDC hostname WARNING: translation string unused: advproxy NTLM auth +WARNING: translation string unused: advproxy NTLM auth mode +WARNING: translation string unused: advproxy NTLM authorized users +WARNING: translation string unused: advproxy NTLM domain +WARNING: translation string unused: advproxy NTLM domain settings +WARNING: translation string unused: advproxy NTLM unauthorized users +WARNING: translation string unused: advproxy NTLM use integrated auth +WARNING: translation string unused: advproxy NTLM use negative access list +WARNING: translation string unused: advproxy NTLM use positive access list +WARNING: translation string unused: advproxy NTLM user based access restrict= ions +WARNING: translation string unused: advproxy UA enable filter WARNING: translation string unused: advproxy advanced proxy +WARNING: translation string unused: advproxy allowed web browsers WARNING: translation string unused: advproxy chgwebpwd ERROR WARNING: translation string unused: advproxy chgwebpwd SUCCESS WARNING: translation string unused: advproxy chgwebpwd change password @@ -56,14 +71,28 @@ WARNING: translation string unused: advproxy chgwebpwd ne= w password WARNING: translation string unused: advproxy chgwebpwd new password confirm WARNING: translation string unused: advproxy chgwebpwd old password WARNING: translation string unused: advproxy chgwebpwd username +WARNING: translation string unused: advproxy content based throttling +WARNING: translation string unused: advproxy errmsg auth ipcache ttl WARNING: translation string unused: advproxy errmsg change fail WARNING: translation string unused: advproxy errmsg change success +WARNING: translation string unused: advproxy errmsg invalid bdc +WARNING: translation string unused: advproxy errmsg invalid pdc WARNING: translation string unused: advproxy errmsg invalid user +WARNING: translation string unused: advproxy errmsg no browser WARNING: translation string unused: advproxy errmsg no password +WARNING: translation string unused: advproxy errmsg ntlm domain +WARNING: translation string unused: advproxy errmsg ntlm pdc WARNING: translation string unused: advproxy errmsg password incorrect +WARNING: translation string unused: advproxy invalid num of children +WARNING: translation string unused: advproxy no clients defined +WARNING: translation string unused: advproxy redirector children WARNING: translation string unused: advproxy ssadvanced proxy +WARNING: translation string unused: advproxy throttle binary +WARNING: translation string unused: advproxy throttle dskimg +WARNING: translation string unused: advproxy throttle mmedia WARNING: translation string unused: advproxy update information WARNING: translation string unused: advproxy update notification +WARNING: translation string unused: advproxy web browser WARNING: translation string unused: again WARNING: translation string unused: age seconds WARNING: translation string unused: age shour @@ -195,6 +224,7 @@ WARNING: translation string unused: dmz pinhole rule added WARNING: translation string unused: dmz pinhole rule removed WARNING: translation string unused: dmzpinholes for same net not necessary WARNING: translation string unused: dns server +WARNING: translation string unused: dnsforward forward_server WARNING: translation string unused: do not log this port list WARNING: translation string unused: domain not set WARNING: translation string unused: donation-link @@ -740,9 +770,9 @@ WARNING: translation string unused: yearly firewallhits WARNING: untranslated string: Captive clients =3D unknown string WARNING: untranslated string: Scan for Songs =3D unknown string WARNING: untranslated string: bytes =3D unknown string -WARNING: untranslated string: captive =3D unknown string WARNING: untranslated string: crypto error =3D Cryptographic error WARNING: untranslated string: crypto warning =3D Cryptographic warning +WARNING: untranslated string: dnsforward forward_servers =3D Nameservers WARNING: untranslated string: fwdfw all subnets =3D All subnets WARNING: untranslated string: fwhost cust geoipgrp =3D unknown string WARNING: untranslated string: fwhost err hostip =3D unknown string @@ -783,6 +813,7 @@ WARNING: untranslated string: guardian service =3D unknow= n string WARNING: untranslated string: guardian watch snort alertfile =3D unknown str= ing WARNING: untranslated string: ike lifetime should be between 1 and 8 hours = =3D unknown string WARNING: untranslated string: info messages =3D unknown string +WARNING: untranslated string: invalid ip or hostname =3D Invalid IP Address = or Hostname WARNING: untranslated string: no data =3D unknown string WARNING: untranslated string: ovpn error dh =3D The Diffie-Hellman parameter= needs to be in minimum 2048 bit!
Please generate or upload a new Diffie-= Hellman parameter, this can be made below in the section "Diffie-Hellman para= meters options".
WARNING: untranslated string: ovpn error md5 =3D You host certificate uses M= D5 for the signature which is not accepted anymore.
Please update to the = latest IPFire version and generate a new root and host certificate.

A= ll OpenVPN clients needs then to be renewed!
diff --git a/doc/language_missings b/doc/language_missings index 56219c5fc..938a9551e 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -210,7 +210,7 @@ < dnsforward configuration < dnsforward edit an entry < dnsforward entries -< dnsforward forward_server +< dnsforward forward_servers < dnsforward zone < dnssec aware < dnssec disabled warning @@ -494,6 +494,7 @@ < invalid input for dpd timeout < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < ipsec < ipsec network @@ -781,9 +782,8 @@ ############################################################################ # Checking cgi-bin translations for language: fr # ############################################################################ -< ovpn warning rfc3280 -< wlanap neighbor scan -< wlanap neighbor scan warning +< dnsforward forward_servers +< invalid ip or hostname ############################################################################ # Checking cgi-bin translations for language: it # ############################################################################ @@ -860,6 +860,7 @@ < dhcp dns update algo < dhcp dns update secret < dl client arch insecure +< dnsforward forward_servers < dnssec disabled warning < eight hours < email config @@ -919,6 +920,7 @@ < incoming overhead in bytes per second < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < log server protocol < masquerade blue @@ -1082,6 +1084,7 @@ < dh name is invalid < dh parameter < dl client arch insecure +< dnsforward forward_servers < dnssec aware < dnssec disabled warning < dnssec information @@ -1153,6 +1156,7 @@ < incoming overhead in bytes per second < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < log server protocol < masquerade blue @@ -1423,7 +1427,7 @@ < dnsforward configuration < dnsforward edit an entry < dnsforward entries -< dnsforward forward_server +< dnsforward forward_servers < dnsforward zone < dnssec aware < dnssec disabled warning @@ -1709,6 +1713,7 @@ < invalid input for dpd timeout < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < ipsec < ipsec network @@ -2137,7 +2142,7 @@ < dnsforward configuration < dnsforward edit an entry < dnsforward entries -< dnsforward forward_server +< dnsforward forward_servers < dnsforward zone < dnssec aware < dnssec disabled warning @@ -2427,6 +2432,7 @@ < invalid input for dpd timeout < invalid input for inactivity timeout < invalid input for valid till days +< invalid ip or hostname < invalid logserver protocol < ipsec < ipsec network @@ -2700,7 +2706,9 @@ ############################################################################ < crypto error < crypto warning +< dnsforward forward_servers < fwdfw all subnets +< invalid ip or hostname < ovpn error dh < ovpn error md5 < ovpn warning rfc3280 diff --git a/html/cgi-bin/dnsforward.cgi b/html/cgi-bin/dnsforward.cgi index ee63c6dd7..0439817b9 100644 --- a/html/cgi-bin/dnsforward.cgi +++ b/html/cgi-bin/dnsforward.cgi @@ -50,7 +50,7 @@ my %mainsettings =3D (); $cgiparams{'ENABLED'} =3D 'off'; $cgiparams{'ACTION'} =3D ''; $cgiparams{'ZONE'} =3D ''; -$cgiparams{'FORWARD_SERVER'} =3D ''; +$cgiparams{'FORWARD_SERVERS'} =3D ''; $cgiparams{'REMARK'} =3D''; &Header::getcgihash(\%cgiparams); open(FILE, $filename) or die 'Unable to open config file.'; @@ -67,14 +67,21 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'}) $errormessage =3D $Lang::tr{'invalid domain name'}; } =20 - # Check if the settings for the forward server are valid. - unless(&General::validip($cgiparams{'FORWARD_SERVER'})) { - $errormessage =3D $Lang::tr{'invalid ip'}; + my @forward_servers =3D split(/\,/, $cgiparams{'FORWARD_SERVERS'}); + foreach my $forward_server (@forward_servers) { + # Check if the settings for the forward server are valid. + unless(&General::validip($forward_server) || &General::validfqdn($forward_= server)) { + $errormessage =3D "$Lang::tr{'invalid ip or hostname'}: $forward_server"; + last; + } } =20 # Go further if there was no error. if ( ! $errormessage) { + # Save servers separated by | + $cgiparams{'FORWARD_SERVERS'} =3D join("|", @forward_servers); + # Check if a remark has been entered. $cgiparams{'REMARK'} =3D &Header::cleanhtml($cgiparams{'REMARK'}); =20 @@ -82,7 +89,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'}) if($cgiparams{'EDITING'} eq 'no') { open(FILE,">>$filename") or die 'Unable to open config file.'; flock FILE, 2; - print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_= SERVER'},$cgiparams{'REMARK'}\n"; + print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWARD_= SERVERS'},$cgiparams{'REMARK'}\n"; } else { open(FILE, ">$filename") or die 'Unable to open config file.'; flock FILE, 2; @@ -91,7 +98,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'add'}) { $id++; if ($cgiparams{'EDITING'} eq $id) { - print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWAR= D_SERVER'},$cgiparams{'REMARK'}\n"; + print FILE "$cgiparams{'ENABLED'},$cgiparams{'ZONE'},$cgiparams{'FORWAR= D_SERVERS'},$cgiparams{'REMARK'}\n"; } else { print FILE "$line"; } } } @@ -167,7 +174,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'edit'}) my @temp =3D split(/\,/,$line); $cgiparams{'ENABLED'} =3D $temp[0]; $cgiparams{'ZONE'} =3D $temp[1]; - $cgiparams{'FORWARD_SERVER'} =3D $temp[2]; + $cgiparams{'FORWARD_SERVERS'} =3D join(",", split(/\|/, $temp[2])); $cgiparams{'REMARK'} =3D $temp[3]; } } @@ -213,8 +220,8 @@ print < =20 - $Lang::tr{'dnsforward forward_server'}:&n= bsp;3D'*' - + $Lang::tr{'dnsforward forward_servers'}:&= nbsp;3D'*' + =20 @@ -255,7 +262,7 @@ print < $Lang::tr{'dnsfor= ward zone'} - $Lang::tr{'dnsfor= ward forward_server'} + $Lang::tr{'dnsfor= ward forward_servers'} $Lang::tr{'remark= '} $Lan= g::tr{'action'} @@ -284,7 +291,10 @@ foreach my $line (@current) my $gif =3D ''; my $gdesc =3D ''; my $toggle =3D ''; -=09 + + # Format lists of servers + my $servers =3D join(", ", split(/\|/, $temp[2])); + if($cgiparams{'ACTION'} eq $Lang::tr{'edit'} && $cgiparams{'ID'} eq $id) { print ""; $col=3D"bgcolor=3D'${Header::colouryellow}'"; } @@ -303,7 +313,7 @@ foreach my $line (@current) # print <$temp[1] - $temp[2] + $servers $temp[3]
diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi index eddfc387c..5a3f4c314 100644 --- a/html/cgi-bin/ids.cgi +++ b/html/cgi-bin/ids.cgi @@ -259,9 +259,9 @@ if ($snortsettings{'OINKCODE'} ne "") { =20 if (!$errormessage) { if ($snortsettings{'RULES'} eq 'subscripted') { - $url=3D" https://www.snort.org/rules/snortrules-snapshot-29111.tar.gz?oink= code=3D$snortsettings{'OINKCODE'}"; + $url=3D" https://www.snort.org/rules/snortrules-snapshot-29120.tar.gz?oink= code=3D$snortsettings{'OINKCODE'}"; } elsif ($snortsettings{'RULES'} eq 'registered') { - $url=3D" https://www.snort.org/rules/snortrules-snapshot-29111.tar.gz?oink= code=3D$snortsettings{'OINKCODE'}"; + $url=3D" https://www.snort.org/rules/snortrules-snapshot-29120.tar.gz?oink= code=3D$snortsettings{'OINKCODE'}"; } elsif ($snortsettings{'RULES'} eq 'community') { $url=3D" https://www.snort.org/rules/community"; } else { diff --git a/html/cgi-bin/logs.cgi/log.dat b/html/cgi-bin/logs.cgi/log.dat index f241365a1..153ffb5f0 100644 --- a/html/cgi-bin/logs.cgi/log.dat +++ b/html/cgi-bin/logs.cgi/log.dat @@ -78,7 +78,7 @@ my %sections =3D ( my %trsections =3D ( 'auth' =3D> "$Lang::tr{'loginlogout'}", 'wio' =3D> 'Who Is Online?', - 'captive' =3D> $Lang::tr{'captive'}, + 'captive' =3D> $Lang::tr{'Captive'}, 'clamav' =3D> 'ClamAV', 'collectd' =3D> 'Collectd', 'cron' =3D> 'Cron', diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index 976300fc7..4fb234995 100644 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -174,7 +174,12 @@ sub cleanssldatabase print FILE ""; close FILE; } + if (open(FILE, ">${General::swroot}/ovpn/certs/index.txt.attr")) { + print FILE ""; + close FILE; + } unlink ("${General::swroot}/ovpn/certs/index.txt.old"); + unlink ("${General::swroot}/ovpn/certs/index.txt.attr.old"); unlink ("${General::swroot}/ovpn/certs/serial.old"); unlink ("${General::swroot}/ovpn/certs/01.pem"); } @@ -189,7 +194,11 @@ sub newcleanssldatabase if (! -s ">${General::swroot}/ovpn/certs/index.txt") { system ("touch ${General::swroot}/ovpn/certs/index.txt"); } + if (! -s ">${General::swroot}/ovpn/certs/index.txt.attr") { + system ("touch ${General::swroot}/ovpn/certs/index.txt.attr"); + } unlink ("${General::swroot}/ovpn/certs/index.txt.old"); + unlink ("${General::swroot}/ovpn/certs/index.txt.attr.old"); unlink ("${General::swroot}/ovpn/certs/serial.old"); } =20 diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi index 738425b9a..0bf72fed2 100644 --- a/html/cgi-bin/proxy.cgi +++ b/html/cgi-bin/proxy.cgi @@ -56,17 +56,11 @@ my %mainsettings=3D(); my %checked=3D(); my %selected=3D(); =20 -my @throttle_limits=3D(64,128,256,384,512,768,1024,1280,1536,1792,2048,2560,= 3072,3584,4096,5120,6144,7168,8192,10240,12288,16384,20480); -my $throttle_binary=3D"7z|arj|bin|bz2|cab|exe|gz|lzh|rar|sea|tar|tgz|xz|zip"; -my $throttle_dskimg=3D"b5t|bin|bwt|ccd|cdi|cue|gho|img|iso|mds|nrg|pqi|vmdk"; -my $throttle_mmedia=3D"aiff?|asf|avi|divx|mov|mp3|mpe?g|ogg|qt|ra?m|ts|vob"; +my @throttle_limits=3D(64,128,256,512,1024,1536,2048,3072,4096,5120,6144,716= 8,8192,10240,16384,20480,51200,102400); =20 my $def_ports_safe=3D"80 # http\n21 # ftp\n443 # https\n563 # snews\n70 # go= pher\n210 # wais\n1025-65535 # unregistered ports\n280 # http-mgmt\n488 # gss= -http\n591 # filemaker\n777 # multiling http\n800 # Squids port (for icons)\n= "; my $def_ports_ssl=3D"443 # https\n563 # snews\n"; =20 -my @useragent=3D(); -my @useragentlist=3D(); - my $hintcolour=3D'#FFFFCC'; my $ncsa_buttontext=3D''; my $language=3D''; @@ -89,7 +83,6 @@ my $errormessage=3D''; =20 my $acldir =3D "${General::swroot}/proxy/advanced/acls"; my $ncsadir =3D "${General::swroot}/proxy/advanced/ncsa"; -my $ntlmdir =3D "${General::swroot}/proxy/advanced/ntlm"; my $raddir =3D "${General::swroot}/proxy/advanced/radius"; my $identdir =3D "${General::swroot}/proxy/advanced/ident"; my $credir =3D "${General::swroot}/proxy/advanced/cre"; @@ -99,7 +92,6 @@ my $stdgrp =3D "$ncsadir/standard.grp"; my $extgrp =3D "$ncsadir/extended.grp"; my $disgrp =3D "$ncsadir/disabled.grp"; =20 -my $browserdb =3D "${General::swroot}/proxy/advanced/useragents"; my $mimetypes =3D "${General::swroot}/proxy/advanced/mimetypes"; my $throttled_urls =3D "${General::swroot}/proxy/advanced/throttle"; =20 @@ -137,7 +129,6 @@ my $urlfilterversion =3D 'n/a'; =20 unless (-d "$acldir") { mkdir("$acldir"); } unless (-d "$ncsadir") { mkdir("$ncsadir"); } -unless (-d "$ntlmdir") { mkdir("$ntlmdir"); } unless (-d "$raddir") { mkdir("$raddir"); } unless (-d "$identdir") { mkdir("$identdir"); } unless (-d "$credir") { mkdir("$credir"); } @@ -170,15 +161,10 @@ unless (-e $acl_ports_safe) { system("touch $acl_ports_= safe"); } unless (-e $acl_ports_ssl) { system("touch $acl_ports_ssl"); } unless (-e $acl_include) { system("touch $acl_include"); } =20 -unless (-e $browserdb) { system("touch $browserdb"); } unless (-e $mimetypes) { system("touch $mimetypes"); } =20 my $HAVE_NTLM_AUTH =3D (-e "/usr/bin/ntlm_auth"); =20 -open FILE, $browserdb; -(a)useragentlist =3D sort { reverse(substr(reverse(substr($a,index($a,',')+1= )),index(reverse(substr($a,index($a,','))),',')+1)) cmp reverse(substr(revers= e(substr($b,index($b,',')+1)),index(reverse(substr($b,index($b,','))),',')+1)= )} grep !/(^$)|(^\s*#)/,; -close(FILE); - &General::readhash("${General::swroot}/ethernet/settings", \%netsettings); &General::readhash("${General::swroot}/main/settings", \%mainsettings); =20 @@ -217,8 +203,8 @@ $proxysettings{'CACHEMGR'} =3D 'off'; $proxysettings{'LOGQUERY'} =3D 'off'; $proxysettings{'LOGUSERAGENT'} =3D 'off'; $proxysettings{'FILEDESCRIPTORS'} =3D '16384'; -$proxysettings{'CACHE_MEM'} =3D '2'; -$proxysettings{'CACHE_SIZE'} =3D '50'; +$proxysettings{'CACHE_MEM'} =3D '128'; +$proxysettings{'CACHE_SIZE'} =3D '0'; $proxysettings{'MAX_SIZE'} =3D '4096'; $proxysettings{'MIN_SIZE'} =3D '0'; $proxysettings{'MEM_POLICY'} =3D 'LRU'; @@ -241,18 +227,13 @@ $proxysettings{'THROTTLING_GREEN_TOTAL'} =3D 'unlimited= '; $proxysettings{'THROTTLING_GREEN_HOST'} =3D 'unlimited'; $proxysettings{'THROTTLING_BLUE_TOTAL'} =3D 'unlimited'; $proxysettings{'THROTTLING_BLUE_HOST'} =3D 'unlimited'; -$proxysettings{'THROTTLE_BINARY'} =3D 'off'; -$proxysettings{'THROTTLE_DSKIMG'} =3D 'off'; -$proxysettings{'THROTTLE_MMEDIA'} =3D 'off'; $proxysettings{'ENABLE_MIME_FILTER'} =3D 'off'; -$proxysettings{'ENABLE_BROWSER_CHECK'} =3D 'off'; $proxysettings{'FAKE_USERAGENT'} =3D ''; $proxysettings{'FAKE_REFERER'} =3D ''; $proxysettings{'AUTH_METHOD'} =3D 'none'; $proxysettings{'AUTH_REALM'} =3D ''; $proxysettings{'AUTH_MAX_USERIP'} =3D ''; $proxysettings{'AUTH_CACHE_TTL'} =3D '60'; -$proxysettings{'AUTH_IPCACHE_TTL'} =3D '0'; $proxysettings{'AUTH_CHILDREN'} =3D '5'; $proxysettings{'NCSA_MIN_PASS_LEN'} =3D '6'; $proxysettings{'NCSA_BYPASS_REDIR'} =3D 'off'; @@ -287,7 +268,6 @@ $proxysettings{'IDENT_USER_ACL'} =3D 'positive'; $proxysettings{'ENABLE_FILTER'} =3D 'off'; $proxysettings{'ENABLE_UPDXLRATOR'} =3D 'off'; $proxysettings{'ENABLE_CLAMAV'} =3D 'off'; -$proxysettings{'CHILDREN'} =3D '10'; =20 $ncsa_buttontext =3D $Lang::tr{'advproxy NCSA create user'}; =20 @@ -436,27 +416,6 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || (= $proxysettings{'ACTION'} { $errormessage =3D $Lang::tr{'invalid maximum incoming size'}; goto ERROR; - } - if (!($proxysettings{'CHILDREN'} =3D~ /^\d+$/) || ($proxysettings{'CHILDRE= N'} < 1)) - { - $errormessage =3D $Lang::tr{'advproxy invalid num of children'}; - goto ERROR; - } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') - { - $browser_regexp =3D ''; - foreach (@useragentlist) - { - chomp; - @useragent =3D split(/,/); - if ($proxysettings{'UA_'.$useragent[0]} eq 'on') { $browser_regexp .=3D "= $useragent[2]|"; } - } - chop($browser_regexp); - if (!$browser_regexp) - { - $errormessage =3D $Lang::tr{'advproxy errmsg no browser'}; - goto ERROR; - } } if (!($proxysettings{'AUTH_METHOD'} eq 'none')) { @@ -480,23 +439,18 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || = ($proxysettings{'ACTION'} } } } - if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && - ((!($proxysettings{'AUTH_MAX_USERIP'} =3D~ /^\d+/)) || ($proxysettings{'A= UTH_MAX_USERIP'} < 1) || ($proxysettings{'AUTH_MAX_USERIP'} > 255))) - { - $errormessage =3D $Lang::tr{'advproxy errmsg max userip'}; - goto ERROR; - } if (!($proxysettings{'AUTH_CACHE_TTL'} =3D~ /^\d+/)) { $errormessage =3D $Lang::tr{'advproxy errmsg auth cache ttl'}; goto ERROR; } - if (!($proxysettings{'AUTH_IPCACHE_TTL'} =3D~ /^\d+/)) + if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && + ((!($proxysettings{'AUTH_MAX_USERIP'} =3D~ /^\d+/)) || ($proxysettings{'A= UTH_MAX_USERIP'} < 1) || ($proxysettings{'AUTH_MAX_USERIP'} > 255))) { - $errormessage =3D $Lang::tr{'advproxy errmsg auth ipcache ttl'}; + $errormessage =3D $Lang::tr{'advproxy errmsg max userip'}; goto ERROR; } - if ((!($proxysettings{'AUTH_MAX_USERIP'} eq '')) && ($proxysettings{'AUTH_= IPCACHE_TTL'} eq '0')) + if (!($proxysettings{'AUTH_MAX_USERIP'} eq '')) { $errormessage =3D $Lang::tr{'advproxy errmsg auth ipcache may not be null= '}; goto ERROR; @@ -552,33 +506,6 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || (= $proxysettings{'ACTION'} } } } - if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') - { - if ($proxysettings{'NTLM_DOMAIN'} eq '') - { - $errormessage =3D $Lang::tr{'advproxy errmsg ntlm domain'}; - goto ERROR; - } - if ($proxysettings{'NTLM_PDC'} eq '') - { - $errormessage =3D $Lang::tr{'advproxy errmsg ntlm pdc'}; - goto ERROR; - } - if (!&General::validhostname($proxysettings{'NTLM_PDC'})) - { - $errormessage =3D $Lang::tr{'advproxy errmsg invalid pdc'}; - goto ERROR; - } - if ((!($proxysettings{'NTLM_BDC'} eq '')) && (!&General::validhostname($pr= oxysettings{'NTLM_BDC'}))) - { - $errormessage =3D $Lang::tr{'advproxy errmsg invalid bdc'}; - goto ERROR; - } - - $proxysettings{'NTLM_DOMAIN'} =3D lc($proxysettings{'NTLM_DOMAIN'}); - $proxysettings{'NTLM_PDC'} =3D lc($proxysettings{'NTLM_PDC'}); - $proxysettings{'NTLM_BDC'} =3D lc($proxysettings{'NTLM_BDC'}); - } if ($proxysettings{'AUTH_METHOD'} eq 'radius') { if (!&General::validip($proxysettings{'RADIUS_SERVER'})) @@ -834,36 +761,14 @@ $selected{'THROTTLING_GREEN_HOST'}{$proxysettings{'THRO= TTLING_GREEN_HOST'}} =3D "s $selected{'THROTTLING_BLUE_TOTAL'}{$proxysettings{'THROTTLING_BLUE_TOTAL'}} = =3D "selected=3D'selected'"; $selected{'THROTTLING_BLUE_HOST'}{$proxysettings{'THROTTLING_BLUE_HOST'}} = =3D "selected=3D'selected'"; =20 -$checked{'THROTTLE_BINARY'}{'off'} =3D ''; -$checked{'THROTTLE_BINARY'}{'on'} =3D ''; -$checked{'THROTTLE_BINARY'}{$proxysettings{'THROTTLE_BINARY'}} =3D "checked= =3D'checked'"; -$checked{'THROTTLE_DSKIMG'}{'off'} =3D ''; -$checked{'THROTTLE_DSKIMG'}{'on'} =3D ''; -$checked{'THROTTLE_DSKIMG'}{$proxysettings{'THROTTLE_DSKIMG'}} =3D "checked= =3D'checked'"; -$checked{'THROTTLE_MMEDIA'}{'off'} =3D ''; -$checked{'THROTTLE_MMEDIA'}{'on'} =3D ''; -$checked{'THROTTLE_MMEDIA'}{$proxysettings{'THROTTLE_MMEDIA'}} =3D "checked= =3D'checked'"; - $checked{'ENABLE_MIME_FILTER'}{'off'} =3D ''; $checked{'ENABLE_MIME_FILTER'}{'on'} =3D ''; $checked{'ENABLE_MIME_FILTER'}{$proxysettings{'ENABLE_MIME_FILTER'}} =3D "ch= ecked=3D'checked'"; =20 -$checked{'ENABLE_BROWSER_CHECK'}{'off'} =3D ''; -$checked{'ENABLE_BROWSER_CHECK'}{'on'} =3D ''; -$checked{'ENABLE_BROWSER_CHECK'}{$proxysettings{'ENABLE_BROWSER_CHECK'}} =3D= "checked=3D'checked'"; - -foreach (@useragentlist) { - @useragent =3D split(/,/); - $checked{'UA_'.$useragent[0]}{'off'} =3D ''; - $checked{'UA_'.$useragent[0]}{'on'} =3D ''; - $checked{'UA_'.$useragent[0]}{$proxysettings{'UA_'.$useragent[0]}} =3D "che= cked=3D'checked'"; -} - $checked{'AUTH_METHOD'}{'none'} =3D ''; $checked{'AUTH_METHOD'}{'ncsa'} =3D ''; $checked{'AUTH_METHOD'}{'ident'} =3D ''; $checked{'AUTH_METHOD'}{'ldap'} =3D ''; -$checked{'AUTH_METHOD'}{'ntlm'} =3D ''; $checked{'AUTH_METHOD'}{'ntlm-auth'} =3D ''; $checked{'AUTH_METHOD'}{'radius'} =3D ''; $checked{'AUTH_METHOD'}{$proxysettings{'AUTH_METHOD'}} =3D "checked=3D'check= ed'"; @@ -1034,12 +939,8 @@ print <
- - END ; -my $count =3D `ip n| wc -l`; -if ( $count < 1 ){$count =3D 1;} if ( -e "/usr/bin/squidclamav" ) { print ""; } else { print ""; } print ""; print ""; print < @@ -1531,7 +1430,15 @@ END ; =20 foreach (@throttle_limits) { - print "\t\n"; + my $val =3D $_; + my $unit =3D "kbit/s"; + + if ($val >=3D 1024) { + $unit =3D "Mbit/s"; + $val /=3D 1024; + } + + print "\t\n"; } =20 print < -
$Lang::tr{'advproxy redirector child= ren'}
$Lang::tr{'processes'}: 3D'*'".$Lang::tr{'advproxy squidclamav'}."
"; if ( ! -e "/var/run/clamav/clamd.pid" ){ @@ -1048,18 +949,16 @@ if ( -e "/usr/bin/squidclamav" ) { } else { print $Lang::tr{'advproxy enabled'}."
"; - print "+ ".int(( $count**(1/3)) * 8);} +} print "		".$Lang::tr{= 'advproxy url filter'}."
"; print $Lang::tr{'advproxy enabled'}."
"; -print "+ ".int(($count**(1/3)) * 6); print "		".$Lang:= :tr{'advproxy update accelerator'}."
"; print $Lang::tr{'advproxy enabled'}."
"; -print "+ ".int(($count**(1/3)) * 5); print "
- - - - - - - - - - - - -
$Lang::tr{'advproxy content based throttling'}: -
$Lang::tr{'advproxy throttle binary'}:$Lang::tr{'advproxy throttle dskimg'}:$Lang::tr{'advproxy throttle mmedia'}:  
@@ -1642,42 +1534,7 @@ print < =20
-
- - - -END -; -if ( $proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on' ){ -print < - - -
$Lang::tr{'advproxy web browser'} $Lang::tr{'advpr= oxy UA enable filter'}:
-END -; -if (@useragentlist) { print "$Lang::tr{'advproxy allowed web browsers'}:"; }= else { print "$Lang::tr{'advproxy no clients defined'}"; } -print <
- -END -; =20 -for ($n=3D0; $n<=3D@useragentlist; $n =3D $n + $i) { - for ($i=3D0; $i<=3D3; $i++) { - if ($i eq 0) { print "\n"; } - if (($n+$i) < @useragentlist) { - @useragent =3D split(/,/,@useragentlist[$n+$i]); - print "\n"; - } - if ($i eq 3) { print "<\/tr>\n"; } - } -} -} -print < -
$useragent[1]:<\/td>\n"; - print "
@@ -1711,7 +1568,6 @@ print <$Lang::tr{'= advproxy AUTH method ncsa'} - END =20 if ($HAVE_NTLM_AUTH) { @@ -1789,10 +1645,6 @@ print <$Lang::tr{'advproxy AUTH limit of IP addresses'}: - - - - @@ -1926,80 +1778,6 @@ if ($proxysettings{'AUTH_METHOD'} eq 'ident') { print = < -
$Lang::tr{'advproxy privacy'}$Lang::tr= {'advproxy AUTH method ident'} $Lang::tr{'= advproxy AUTH method ldap'}$Lang::tr{'= advproxy AUTH method ntlm'}
$Lang::tr{'advproxy AUTH user IP cache TTL'}:
$Lang::tr{'advproxy AUTH always required'}:
- - - - - - - - - - - -
$Lang::tr{'advproxy NTLM domain settings'}
$Lang::tr{'advproxy NTLM domain'}:$Lang::tr{'advproxy NTLM PDC hostname'}:$Lang::tr{'advproxy NTLM BDC hostname'}:
-
- - - - - - - - - -
$Lang::tr{'advproxy NTLM auth mode'}
$Lang::tr{'advproxy NTLM use= integrated auth'}: 
-
- - - - - - - - - - - - - - - - - - - - - - -
$Lang::tr{'advproxy NTLM user based access restriction= s'}
$Lang::tr{'advproxy enabled'}:  
- $Lang::tr{'advproxy NTLM use positive access list'}: - $Lang::tr{'advproxy NTLM use negative access list'}:
$Lang::tr{'advproxy NTLM authorized users'}$Lang::tr{'advproxy NTLM unauthorized users'}
-END -; } - # =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D # NTLM-AUTH settings # =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D @@ -2163,7 +1941,6 @@ print < - @@ -2175,7 +1952,6 @@ print < - END ; } @@ -2211,19 +1987,6 @@ print < - - - - - - - -END -; } - if (!($proxysettings{'AUTH_METHOD'} eq 'radius')) { print < @@ -2513,18 +2276,6 @@ sub read_acls while () { $proxysettings{'MIME_TYPES'} .=3D $_ }; close(FILE); } - if (-e "$ntlmdir/msntauth.allowusers") { - open(FILE,"$ntlmdir/msntauth.allowusers"); - delete $proxysettings{'NTLM_ALLOW_USERS'}; - while () { $proxysettings{'NTLM_ALLOW_USERS'} .=3D $_ }; - close(FILE); - } - if (-e "$ntlmdir/msntauth.denyusers") { - open(FILE,"$ntlmdir/msntauth.denyusers"); - delete $proxysettings{'NTLM_DENY_USERS'}; - while () { $proxysettings{'NTLM_DENY_USERS'} .=3D $_ }; - close(FILE); - } if (-e "$raddir/radauth.allowusers") { open(FILE,"$raddir/radauth.allowusers"); delete $proxysettings{'RADIUS_ALLOW_USERS'}; @@ -2933,23 +2684,6 @@ sub write_acls if (!$proxysettings{'PORTS_SSL'}) { print FILE $def_ports_ssl; } else { pri= nt FILE $proxysettings{'PORTS_SSL'}; } close(FILE); =20 - open(FILE, ">$acl_dst_throttle"); - flock(FILE, 2); - if ($proxysettings{'THROTTLE_BINARY'} eq 'on') - { - @temp =3D split(/\|/,$throttle_binary); - foreach (@temp) { print FILE "\\.$_\$\n"; } - } - if ($proxysettings{'THROTTLE_DSKIMG'} eq 'on') - { - @temp =3D split(/\|/,$throttle_dskimg); - foreach (@temp) { print FILE "\\.$_\$\n"; } - } - if ($proxysettings{'THROTTLE_MMEDIA'} eq 'on') - { - @temp =3D split(/\|/,$throttle_mmedia); - foreach (@temp) { print FILE "\\.$_\$\n"; } - } if (-s $throttled_urls) { open(URLFILE, $throttled_urls); @@ -2964,16 +2698,6 @@ sub write_acls print FILE $proxysettings{'MIME_TYPES'}; close(FILE); =20 - open(FILE, ">$ntlmdir/msntauth.allowusers"); - flock(FILE, 2); - print FILE $proxysettings{'NTLM_ALLOW_USERS'}; - close(FILE); - - open(FILE, ">$ntlmdir/msntauth.denyusers"); - flock(FILE, 2); - print FILE $proxysettings{'NTLM_DENY_USERS'}; - close(FILE); - open(FILE, ">$raddir/radauth.allowusers"); flock(FILE, 2); print FILE $proxysettings{'RADIUS_ALLOW_USERS'}; @@ -3332,6 +3056,11 @@ END } print FILE "\n"; =20 + # If we use authentication, users must always authenticate + unless ($proxysettings{"AUTH_METHOD"} eq "") { + print FILE "authenticate_ip_ttl 0\n\n"; + } + if ((!($proxysettings{'AUTH_METHOD'} eq 'none')) && (!($proxysettings{'AUTH= _METHOD'} eq 'ident'))) { if ($proxysettings{'AUTH_METHOD'} eq 'ncsa') @@ -3340,7 +3069,6 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TT= L'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthent= icate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } } =20 if ($proxysettings{'AUTH_METHOD'} eq 'ldap') @@ -3385,40 +3113,6 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TT= L'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthent= icate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - } - - if ($proxysettings{'AUTH_METHOD'} eq 'ntlm') - { - if ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') - { - print FILE "auth_param ntlm program $authdir/ntlm_smb_lm_auth $proxysett= ings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_PDC'}"; - if ($proxysettings{'NTLM_BDC'} eq '') { print FILE "\n"; } else { print = FILE " $proxysettings{'NTLM_DOMAIN'}/$proxysettings{'NTLM_BDC'}\n"; } - print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthen= ticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - } else { - print FILE "auth_param basic program $authdir/basic_msnt_auth\n"; - print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; - print FILE "auth_param basic realm $authrealm\n"; - print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_T= TL'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthen= ticate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } - - open(MSNTCONF, ">$ntlmdir/msntauth.conf"); - flock(MSNTCONF,2); - print MSNTCONF "server $proxysettings{'NTLM_PDC'}"; - if ($proxysettings{'NTLM_BDC'} eq '') { print MSNTCONF " $proxysettings{= 'NTLM_PDC'}"; } else { print MSNTCONF " $proxysettings{'NTLM_BDC'}"; } - print MSNTCONF " $proxysettings{'NTLM_DOMAIN'}\n"; - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if ($proxysettings{'NTLM_USER_ACL'} eq 'positive') - { - print MSNTCONF "allowusers $ntlmdir/msntauth.allowusers\n"; - } else { - print MSNTCONF "denyusers $ntlmdir/msntauth.denyusers\n"; - } - } - close(MSNTCONF); - } } =20 if ($proxysettings{'AUTH_METHOD'} eq 'ntlm-auth') @@ -3433,6 +3127,7 @@ END print FILE "\n"; =20 print FILE "auth_param ntlm children $proxysettings{'AUTH_CHILDREN'}\n\n"; + print FILE "auth_param ntlm credentialsttl $proxysettings{'AUTH_CACHE_TTL= '} minutes\n\n"; =20 # BASIC authentication if ($proxysettings{'NTLM_AUTH_BASIC'} eq "on") { @@ -3444,9 +3139,9 @@ END print FILE " --require-membership-of=3D$ntlm_auth_group"; } print FILE "\n"; - print FILE "auth_param basic children 10\n"; - print FILE "auth_param basic realm IPFire Web Proxy Server\n"; - print FILE "auth_param basic credentialsttl 2 hours\n\n"; + print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; + print FILE "auth_param basic realm $authrealm\n"; + print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_T= TL'} minutes\n\n"; } } =20 @@ -3458,22 +3153,10 @@ END print FILE "auth_param basic children $proxysettings{'AUTH_CHILDREN'}\n"; print FILE "auth_param basic realm $authrealm\n"; print FILE "auth_param basic credentialsttl $proxysettings{'AUTH_CACHE_TT= L'} minutes\n"; - if (!($proxysettings{'AUTH_IPCACHE_TTL'} eq '0')) { print FILE "\nauthent= icate_ip_ttl $proxysettings{'AUTH_IPCACHE_TTL'} minutes\n"; } } =20 print FILE "\n"; print FILE "acl for_inetusers proxy_auth REQUIRED\n"; - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENA= BLE_INT_AUTH'} eq 'on') && ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on')) - { - if ((!-z "$ntlmdir/msntauth.allowusers") && ($proxysettings{'NTLM_USER_AC= L'} eq 'positive')) - { - print FILE "acl for_acl_users proxy_auth \"$ntlmdir/msntauth.allowusers\= "\n"; - } - if ((!-z "$ntlmdir/msntauth.denyusers") && ($proxysettings{'NTLM_USER_ACL= '} eq 'negative')) - { - print FILE "acl for_acl_users proxy_auth \"$ntlmdir/msntauth.denyusers\"= \n"; - } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS= _ENABLE_ACL'} eq 'on')) { if ((!-z "$raddir/radauth.allowusers") && ($proxysettings{'RADIUS_USER_AC= L'} eq 'positive')) @@ -3526,8 +3209,6 @@ END =20 if (($delaypools) && (!-z $acl_dst_throttle)) { print FILE "acl for_throttl= ed_urls url_regex -i \"$acl_dst_throttle\"\n\n"; } =20 - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE "acl with_= allowed_useragents browser $browser_regexp\n\n"; } - print FILE "acl within_timeframe time "; if ($proxysettings{'TIME_MON'} eq 'on') { print FILE "M"; } if ($proxysettings{'TIME_TUE'} eq 'on') { print FILE "T"; } @@ -3778,7 +3459,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_a= llowed_useragents"; } print FILE " to_ipaddr_without_auth\n"; } if (!-z $acl_dst_noauth_dom) @@ -3788,7 +3468,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_a= llowed_useragents"; } print FILE " to_domains_without_auth\n"; } if (!-z $acl_dst_noauth_url) @@ -3798,7 +3477,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_a= llowed_useragents"; } print FILE " to_hosts_without_auth\n"; } } @@ -3832,24 +3510,10 @@ END { if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FIL= E " for_inetusers"; } } - if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_M= ETHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || (= $proxysettings{'AUTH_METHOD'} eq 'radius')) + if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || ($proxysettings{'AUTH_ME= THOD'} eq 'radius')) { print FILE " for_inetusers"; } - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_EN= ABLE_INT_AUTH'} eq 'on')) - { - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/m= sntauth.allowusers")) - { - print FILE " for_acl_users"; - } - if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/m= sntauth.denyusers")) - { - print FILE " !for_acl_users"; - } - } else { print FILE " for_inetusers"; } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIU= S_ENABLE_ACL'} eq 'on')) { if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') @@ -3877,24 +3541,10 @@ END { if (!-z $disgrp) { print FILE " !for_disabled_users"; } else { print FIL= E " for_inetusers"; } } - if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || (($proxysettings{'AUTH_M= ETHOD'} eq 'ntlm') && ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'off')) || (= $proxysettings{'AUTH_METHOD'} eq 'radius')) + if (($proxysettings{'AUTH_METHOD'} eq 'ldap') || ($proxysettings{'AUTH_ME= THOD'} eq 'radius')) { print FILE " for_inetusers"; } - if (($proxysettings{'AUTH_METHOD'} eq 'ntlm') && ($proxysettings{'NTLM_EN= ABLE_INT_AUTH'} eq 'on')) - { - if ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') - { - if (($proxysettings{'NTLM_USER_ACL'} eq 'positive') && (!-z "$ntlmdir/m= sntauth.allowusers")) - { - print FILE " for_acl_users"; - } - if (($proxysettings{'NTLM_USER_ACL'} eq 'negative') && (!-z "$ntlmdir/m= sntauth.denyusers")) - { - print FILE " !for_acl_users"; - } - } else { print FILE " for_inetusers"; } - } if (($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIU= S_ENABLE_ACL'} eq 'on')) { if ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') @@ -3920,14 +3570,6 @@ END } =20 if ( - ( - ($proxysettings{'AUTH_METHOD'} eq 'ntlm') && - ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && - ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && - ($proxysettings{'NTLM_USER_ACL'} eq 'negative') && - (!-z "$ntlmdir/msntauth.denyusers") - ) - || ( ($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') && @@ -3956,20 +3598,11 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_al= lowed_useragents"; } print FILE " !on_ident_aware_hosts\n"; } =20 print FILE "http_access allow IPFire_networks"; if ( - ( - ($proxysettings{'AUTH_METHOD'} eq 'ntlm') && - ($proxysettings{'NTLM_ENABLE_INT_AUTH'} eq 'on') && - ($proxysettings{'NTLM_ENABLE_ACL'} eq 'on') && - ($proxysettings{'NTLM_USER_ACL'} eq 'positive') && - (!-z "$ntlmdir/msntauth.allowusers") - ) - || ( ($proxysettings{'AUTH_METHOD'} eq 'radius') && ($proxysettings{'RADIUS_ENABLE_ACL'} eq 'on') && @@ -3999,7 +3632,6 @@ END print FILE " !within_timeframe"; } else { print FILE " within_timeframe"; } - if ($proxysettings{'ENABLE_BROWSER_CHECK'} eq 'on') { print FILE " with_all= owed_useragents"; } print FILE "\n"; =20 print FILE "http_access deny all\n\n"; @@ -4095,7 +3727,10 @@ END if (($proxysettings{'ENABLE_FILTER'} eq 'on') || ($proxysettings{'ENABLE_UP= DXLRATOR'} eq 'on') || ($proxysettings{'ENABLE_CLAMAV'} eq 'on')) { print FILE "url_rewrite_program /usr/sbin/redirect_wrapper\n"; - print FILE "url_rewrite_children $proxysettings{'CHILDREN'}\n\n"; + print FILE "url_rewrite_children ", &General::number_cpu_cores(); + print FILE " startup=3D", &General::number_cpu_cores(); + print FILE " idle=3D", &General::number_cpu_cores(); + print FILE " queue-size=3D", &General::number_cpu_cores() * 32, "\n\n"; } =20 # Include file with user defined settings. diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi index 21fd1f4cd..a5d27c8d8 100644 --- a/html/cgi-bin/vpnmain.cgi +++ b/html/cgi-bin/vpnmain.cgi @@ -149,7 +149,12 @@ sub cleanssldatabase { print FILE ""; close FILE; } + if (open(FILE, ">${General::swroot}/certs/index.txt.attr")) { + print FILE ""; + close FILE; + } unlink ("${General::swroot}/certs/index.txt.old"); + unlink ("${General::swroot}/certs/index.txt.attr.old"); unlink ("${General::swroot}/certs/serial.old"); unlink ("${General::swroot}/certs/01.pem"); } @@ -162,7 +167,11 @@ sub newcleanssldatabase { if (! -s ">${General::swroot}/certs/index.txt") { system ("touch ${General::swroot}/certs/index.txt"); } + if (! -s ">${General::swroot}/certs/index.txt.attr") { + system ("touch ${General::swroot}/certs/index.txt.attr"); + } unlink ("${General::swroot}/certs/index.txt.old"); + unlink ("${General::swroot}/certs/index.txt.attr.old"); unlink ("${General::swroot}/certs/serial.old"); # unlink ("${General::swroot}/certs/01.pem"); numbering evolves. Wrong plac= e to delete } diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index 42eb14103..2f3ed41bc 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl @@ -821,7 +821,7 @@ 'dnsforward configuration' =3D> 'Einstellungen f=C3=BCr DNS Weiterleitung', 'dnsforward edit an entry' =3D> 'Existierenden Eintrag bearbeiten', 'dnsforward entries' =3D> 'Aktuelle Eintr=C3=A4ge', -'dnsforward forward_server' =3D> 'DNS-Server', +'dnsforward forward_servers' =3D> 'DNS-Server', 'dnsforward zone' =3D> 'Zone', 'dnssec aware' =3D> 'DNSSEC-Informationen verf=C3=BCgbar, aber nicht validie= rend', 'dnssec disabled warning' =3D> 'WARNUNG: DNSSEC wurde deaktiviert', @@ -1405,6 +1405,7 @@ 'invalid input for state or province' =3D> 'Ung=C3=BCltige Eingabe f=C3=BCr = Bundesstaat oder Provinz.', 'invalid input for valid till days' =3D> 'Ung=C3=BCltige Eingabe f=C3=BCr G= =C3=BCltig bis (Tage).', 'invalid ip' =3D> 'Ung=C3=BCltige IP-Adresse', +'invalid ip or hostname' =3D> 'Ung=C3=BCltige IP-Addresse oder Hostname', 'invalid keep time' =3D> 'Die Aufbewahrungszeit muss eine g=C3=BCltige Zahl = sein', 'invalid key' =3D> 'Ung=C3=BCltiger Schl=C3=BCssel.', 'invalid loaded file' =3D> 'Ung=C3=BCltige geladene Datei', @@ -2166,7 +2167,7 @@ 'ssh no active logins' =3D> 'Keine aktiven Benutzeranmeldungen', 'ssh no auth' =3D> 'Sie haben keinerlei Authentifizierungverfahren zugelasse= n; dies wird Ihre Anmeldung verhindern', 'ssh passwords' =3D> 'Passwortbasierte Authentifizierung zulassen', -'ssh port' =3D> 'SSH-Port auf 222 setzen (Standard ist 22)', +'ssh port' =3D> 'SSH-Port auf Standardport 22 setzen (andernfalls 222)', 'ssh portfw' =3D> 'TCP-Weiterleitung zulassen', 'ssh tempstart15' =3D> 'SSH-Deamon in 15 Minuten beenden', 'ssh tempstart30' =3D> 'SSH-Deamon in 30 Minuten beenden', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index e9356407a..258176970 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -846,7 +846,7 @@ 'dnsforward configuration' =3D> 'DNS forward configuration', 'dnsforward edit an entry' =3D> 'Edit an existing entry', 'dnsforward entries' =3D> 'Current entries', -'dnsforward forward_server' =3D> 'Nameserver', +'dnsforward forward_servers' =3D> 'Nameservers', 'dnsforward zone' =3D> 'Zone', 'dnssec aware' =3D> 'DNSSEC Aware', 'dnssec disabled warning' =3D> 'WARNING: DNSSEC has been disabled', @@ -1436,6 +1436,7 @@ 'invalid input for state or province' =3D> 'Invalid input for state or provi= nce.', 'invalid input for valid till days' =3D> 'Invalid input for Valid till (days= ).', 'invalid ip' =3D> 'Invalid IP Address', +'invalid ip or hostname' =3D> 'Invalid IP Address or Hostname', 'invalid keep time' =3D> 'Keep time must be a valid number', 'invalid key' =3D> 'Invalid key.', 'invalid loaded file' =3D> 'Invalid loaded file', @@ -2204,7 +2205,7 @@ 'ssh no active logins' =3D> 'No active logins', 'ssh no auth' =3D> 'You have not allowed any authentication methods; this wi= ll stop you logging in', 'ssh passwords' =3D> 'Allow password based authentication', -'ssh port' =3D> 'SSH port set to 222 (default is 22)', +'ssh port' =3D> 'Set SSH port to default 22 (222 is used otherwise)', 'ssh portfw' =3D> 'Allow TCP forwarding', 'ssh tempstart15' =3D> 'Stop SSH demon in 15 minutes', 'ssh tempstart30' =3D> 'Stop SSH demon in 30 minutes', diff --git a/langs/fr/cgi-bin/fr.pl b/langs/fr/cgi-bin/fr.pl index 9fa05fef5..b89254b59 100644 --- a/langs/fr/cgi-bin/fr.pl +++ b/langs/fr/cgi-bin/fr.pl @@ -240,7 +240,7 @@ 'advproxy RADIUS use negative access list' =3D> 'Utilisation n=C3=A9gative d= e contr=C3=B4le d\'acc=C3=A8s', 'advproxy RADIUS use positive access list' =3D> 'Utilisation positive de con= tr=C3=B4le d\'acc=C3=A8s', 'advproxy RADIUS user based access restrictions' =3D> 'Utilisateur en foncti= on des restrictions d\'acc=C3=A8s', -'advproxy UA enable filter' =3D> 'Activer la v=C3=A9rification du navigateur= ', +'advproxy UA enable filter' =3D> 'Activer la v=C3=A9rification du navigateur= ', 'advproxy access' =3D> 'Acc=C3=A8s', 'advproxy admin mail' =3D> 'Email administrateur du cache ', 'advproxy advanced proxy' =3D> 'Proxy avanc=C3=A9', @@ -249,8 +249,8 @@ 'advproxy allowed subnets' =3D> 'Sous-r=C3=A9seaux autoris=C3=A9s (un par li= gne) ', 'advproxy allowed web browsers' =3D> 'Clients autoris=C3=A9s pour l\'acc=C3= =A8s web', 'advproxy back to main page' =3D> 'Retour =C3=A0 l\'accueil', -'advproxy banned ip clients' =3D> 'Adresses IP interdites (une par ligne)', -'advproxy banned mac clients' =3D> 'Adresses MAC interdites (une par ligne)', +'advproxy banned ip clients' =3D> 'Adresses IP interdites (une par ligne) ', +'advproxy banned mac clients' =3D> 'Adresses MAC interdites (une par ligne) = ', 'advproxy basic authentication' =3D> 'Autoriser l\'authentification HTTP bas= ique', 'advproxy cache management' =3D> 'Gestion du cache', 'advproxy cache replacement policy' =3D> 'Politique du cache de remplacement= ', @@ -267,7 +267,7 @@ 'advproxy clear cache' =3D> 'Effacer le cache', 'advproxy client IP forwarding' =3D> 'Adresse ip du client \'transf=C3=A9r= =C3=A9\' ', 'advproxy common settings' =3D> 'Param=C3=A8tres communs', -'advproxy content based throttling' =3D> 'Activer le contenu en fonction de = la capacit=C3=A9', +'advproxy content based throttling' =3D> 'Activer le contenu en fonction de = la capacit=C3=A9 ', 'advproxy cre disabled' =3D> 'L\'interface de gestion a =C3=A9t=C3=A9 d=C3= =A9sactiv=C3=A9e par l\'administrateur', 'advproxy cre group definitions' =3D> 'Groupe de d=C3=A9finitions de classe', 'advproxy cre supervisors' =3D> 'Superviseur des adresses IP (une par ligne)= ', @@ -316,10 +316,10 @@ 'advproxy errmsg radius secret' =3D> 'Pass-phrase RADIUS requise', 'advproxy errmsg radius server' =3D> 'Adresse IP du serveur RADIUS non valid= e', 'advproxy errmsg time restriction' =3D> 'Restriction horaire non valide', -'advproxy error design' =3D> 'Construction des messages erron=C3=A9es', -'advproxy error language' =3D> 'Langage des messages erron=C3=A9s', -'advproxy fake referer' =3D> 'Fausses r=C3=A9f=C3=A9rences soumises aux site= s externes', -'advproxy fake useragent' =3D> 'Faux useragent soumis aux sites externes', +'advproxy error design' =3D> 'Construction des messages erron=C3=A9es ', +'advproxy error language' =3D> 'Langage des messages erron=C3=A9s ', +'advproxy fake referer' =3D> 'Fausses r=C3=A9f=C3=A9rences soumises aux site= s externes ', +'advproxy fake useragent' =3D> 'Faux useragent soumis aux sites externes ', 'advproxy friday' =3D> 'Ven', 'advproxy from' =3D> 'De', 'advproxy group access control' =3D> 'Contr=C3=B4le d\'acc=C3=A8s bas=C3=A9 = sur le groupe', @@ -330,9 +330,9 @@ 'advproxy log query' =3D> 'Termes de recherche en rapports ', 'advproxy log settings' =3D> 'Configuration des rapports', 'advproxy log useragent' =3D> 'Rapport des robots (de recherche) ', -'advproxy max download size' =3D> 'Volume de t=C3=A9l=C3=A9chargement maxima= l (Ko)', +'advproxy max download size' =3D> 'Volume de t=C3=A9l=C3=A9chargement maxima= l (Ko) ', 'advproxy max size' =3D> 'Volume d\'objet maximal (Ko) ', -'advproxy max upload size' =3D> 'Volume d\'envoi maximal (Ko)', +'advproxy max upload size' =3D> 'Volume d\'envoi maximal (Ko) ', 'advproxy memory replacement policy' =3D> 'Politique de remplacement de m=C3= =A9moire ', 'advproxy min size' =3D> 'Volume d\'objet minimal (Ko) ', 'advproxy mode allow' =3D> 'autoriser', @@ -350,14 +350,14 @@ 'advproxy offline mode' =3D> 'Autoriser le mode hors connexion ', 'advproxy on' =3D> 'Proxy allum=C3=A9', 'advproxy privacy' =3D> 'Priv=C3=A9', -'advproxy proxy port' =3D> 'Port proxy', -'advproxy proxy port transparent' =3D> 'Port transparent', +'advproxy proxy port' =3D> 'Port proxy ', +'advproxy proxy port transparent' =3D> 'Port transparent ', 'advproxy ram cache size' =3D> 'Taille cache m=C3=A9moire (Mo) ', 'advproxy redirector children' =3D> 'Nombre de processus de filtre', 'advproxy reset' =3D> 'Relancer', 'advproxy saturday' =3D> 'Sam', 'advproxy save and restart' =3D> 'Sauvegarder et red=C3=A9marrer', -'advproxy squid version' =3D> 'Version Squid Cache', +'advproxy squid version' =3D> 'Version Squid Cache ', 'advproxy squidclamav' =3D> 'SquidClamav', 'advproxy ssadvanced proxy' =3D> 'Proxy avanc=C3=A9', 'advproxy ssl ports' =3D> 'Ports SSL autoris=C3=A9s (un par ligne) ', @@ -365,10 +365,10 @@ 'advproxy standard ports' =3D> 'Ports standards autoris=C3=A9s (un par ligne= ) ', 'advproxy sunday' =3D> 'Dim', 'advproxy supervisor password' =3D> 'Mot de passe superviseur', -'advproxy suppress version' =3D> 'Informations sur la version supprim=C3=A9e= ', -'advproxy throttle binary' =3D> 'Fichiers binaires', -'advproxy throttle dskimg' =3D> 'Images CD', -'advproxy throttle mmedia' =3D> 'Multim=C3=A9dia', +'advproxy suppress version' =3D> 'Informations sur la version supprim=C3=A9e= ', +'advproxy throttle binary' =3D> 'Fichiers binaires ', +'advproxy throttle dskimg' =3D> 'Images CD ', +'advproxy throttle mmedia' =3D> 'Multim=C3=A9dia ', 'advproxy throttling per host on' =3D> 'Limite par h=C3=B4te', 'advproxy throttling total on' =3D> 'Limite globale', 'advproxy throttling unlimited' =3D> 'illimit=C3=A9', @@ -379,8 +379,8 @@ 'advproxy transparent on' =3D> 'Transparent sur', 'advproxy tuesday' =3D> 'Mar', 'advproxy unknown' =3D> 'Inconnu', -'advproxy unrestricted ip clients' =3D> 'Adresses IP sans restriction (une p= ar ligne)', -'advproxy unrestricted mac clients' =3D> 'Adresses MAC sans restriction (une= par ligne)', +'advproxy unrestricted ip clients' =3D> 'Adresses IP sans restriction (une p= ar ligne) ', +'advproxy unrestricted mac clients' =3D> 'Adresses MAC sans restriction (une= par ligne) ', 'advproxy update accelerator' =3D> 'Mise =C3=A0 jour acc=C3=A9l=C3=A9rateur', 'advproxy update information' =3D> 'Une mise =C3=A0 jour est disponible pour= le t=C3=A9l=C3=A9chargement. Visitez http://www.advproxy.net pour plus d\'informations.', 'advproxy update notification' =3D> 'Alerte de mise =C3=A0 jour !', @@ -391,7 +391,7 @@ 'advproxy url filter' =3D> 'Filtre URL', 'advproxy username forwarding' =3D> 'Nom d\'utilisateur transf=C3=A9r=C3=A9 = ', 'advproxy via forwarding' =3D> 'Adresse proxy transf=C3=A9r=C3=A9e ', -'advproxy visible hostname' =3D> 'Nom d\'h=C3=B4te visible', +'advproxy visible hostname' =3D> 'Nom d\'h=C3=B4te visible ', 'advproxy web browser' =3D> 'Navigateur web', 'advproxy wednesday' =3D> 'Mer', 'again' =3D> 'De nouveau :', @@ -404,7 +404,7 @@ 'album' =3D> 'Album', 'alcatelusb help' =3D> 'Pour utiliser les modems Speedtouch 330 ou Speedtouc= h USB, vous devez charger le firmware dans votre PC IPFire. Veuillez t=C3=A9l= =C3=A9charger le Firmware Embarqu=C3=A9 paquet pour SpeedTouch 330 dep= uis speedtouch.com; d=C3=A9zippez le et chargez le fichier appropri=C3=A9 =C3= =A0 votre modem : KQD6_3.xxx quand Rev<4 ou ZZZL_3.xxx pour Rev=3D4 en utilis= ant le formulaire ci-dessous.', 'alcatelusb upload' =3D> 'Charger le firmware Speedtouch USB', -'alias ip' =3D> 'Alias IP', +'alias ip' =3D> 'Alias IP ', 'aliases' =3D> 'Alias', 'aliases not active' =3D> 'Les alias ne seront pas actifs tant que votre int= erface ROUGE est en mode STATIQUE', 'all' =3D> 'Tous', @@ -511,7 +511,7 @@ 'cached memory' =3D> 'M=C3=A9moire tampon ', 'cached swap' =3D> 'Swap tampon', 'calamaris available reports' =3D> 'Rapports disponibles ', -'calamaris byte unit' =3D> 'Echelle de bits ', +'calamaris byte unit' =3D> 'Unit=C3=A9 (octets) ', 'calamaris create report' =3D> 'Cr=C3=A9er un rapport', 'calamaris enable content report' =3D> 'Autoriser le contenu du rapport ', 'calamaris enable distribution histogram' =3D> 'Autoriser l\'histogramme de = distribution ', @@ -618,8 +618,8 @@ 'clear cache' =3D> 'Vider le cache', 'clear playlist' =3D> 'Liste de lecture vide', 'clenabled' =3D> 'Fournir du temps au r=C3=A9seau local', -'click to disable' =3D> 'Activ=C3=A9 (cliquer pour d=C3=A9sactiver)', -'click to enable' =3D> 'D=C3=A9sactiv=C3=A9 (cliquer pour activer)', +'click to disable' =3D> 'Activ=C3=A9 (cocher pour d=C3=A9sactiver)', +'click to enable' =3D> 'D=C3=A9sactiv=C3=A9 (cocher pour activer)', 'client' =3D> 'Nom de la station (ordinateur)', 'clock has not been synchronized' =3D> 'L\'horloge n\'est pas synchronis=C3= =A9e', 'clock last synchronized at' =3D> 'L\'horloge a =C3=A9t=C3=A9 synchronis=C3= =A9e =C3=A0 :', @@ -789,10 +789,10 @@ 'dhcp fixed lease help1' =3D> 'L\'adresse IP doit =C3=AAtre saisie comme FQD= N', 'dhcp mode' =3D> 'DHCP', 'dhcp server' =3D> 'Serveur DHCP', -'dhcp server disabled' =3D> 'Serveur DHCP =C3=A9teint. Arr=C3=AAt=C3=A9.', -'dhcp server disabled on blue interface' =3D> 'Serveur DHCP arr=C3=AAt=C3=A9= sur l\'interface BLEUE', -'dhcp server enabled' =3D> 'Serveur DHCP d=C3=A9marr=C3=A9. Red=C3=A9marrage= .', -'dhcp server enabled on blue interface' =3D> 'Serveur DHCP d=C3=A9marr=C3=A9= sur l\'interface BLEUE', +'dhcp server disabled' =3D> 'Serveur DHCP eteint. Arrete.', +'dhcp server disabled on blue interface' =3D> 'Serveur DHCP arrete sur l\'in= terface BLEUE', +'dhcp server enabled' =3D> 'Serveur DHCP demarre. Redemarrage.', +'dhcp server enabled on blue interface' =3D> 'Serveur DHCP demarre sur l\'in= terface BLEUE', 'dhcp-options' =3D> 'Options Push DHCP', 'dial' =3D> 'Connexion', 'dial profile' =3D> 'Contact avec le profil', @@ -826,11 +826,11 @@ 'dns address done' =3D> 'Les adresses du serveur DNS vont =C3=AAtre sauvegar= d=C3=A9es.', 'dns address recon' =3D> 'Tentative de reconnexion !', 'dns check failed' =3D> 'La v=C3=A9rification DNS a =C3=A9chou=C3=A9e', -'dns desc' =3D> 'Si l\'interface ROUGE0 obtient ses informations d\'adresse = IP via le DHCP du fournisseur d\'acc=C3=A8s, les adresses du serveur DNS sero= nt d=C3=A9finies automatiquement. Maintenant, vous pouvez =C3=A9galement chan= ger les adresses IP du serveur DNS par celles de votre choix.', +'dns desc' =3D> 'Si l\'interface ROUGE0 obtient ses informations d\'adresse = IP via le DHCP du fournisseur d\'acc=C3=A8s, les adresses du serveur DNS sero= nt d=C3=A9finies automatiquement. Sinon, vous pouvez =C3=A9galement remplacer= les adresses IP du serveur DNS par celles de votre choix.', 'dns error 0' =3D> 'L\'adresse IP du premier serveur DNS n\= 'est pas valide, veuillez revoir votre saisie
La saisie de l\'adresse du= second serveur DNS est valide.', 'dns error 01' =3D> 'Les adresses IP du premier et du second serveur DNS ne sont pas valides, veuillez revoir vos saisi= es', 'dns error 1' =3D> 'L\'adresse IP du second serveur DNS n\'= est pas valide, veuillez revoir votre saisie
La saisie de l\'adresse du = premier serveur DNS est valide.', -'dns header' =3D> 'Assigner les adresses du serveur DNS seulemement pour le = DHCP sur ROUGE0', +'dns header' =3D> 'Assigner les adresses du serveur DNS seulement pour le DH= CP sur ROUGE0', 'dns list' =3D> 'Liste de serveurs DNS publiques gratuits', 'dns menu' =3D> 'Assigner un serveur DNS', 'dns new 0' =3D> 'Nouvelle adresse IP du premier serveur DN= S :', @@ -846,8 +846,8 @@ 'dnsforward configuration' =3D> 'Configuration de transfert DNS', 'dnsforward edit an entry' =3D> 'Modifier une entr=C3=A9e existante', 'dnsforward entries' =3D> 'Entr=C3=A9es actuelles', -'dnsforward forward_server' =3D> 'Nom du serveur', -'dnsforward zone' =3D> 'Zone', +'dnsforward forward_server' =3D> 'Nom du serveur ', +'dnsforward zone' =3D> 'Zone ', 'dnssec aware' =3D> 'DNSSEC Aware', 'dnssec disabled warning' =3D> 'AVERTISSEMENT : DNSSEC a =C3=A9t=C3=A9 d=C3= =A9sactiv=C3=A9', 'dnssec information' =3D> 'Informations DNSSEC', @@ -870,14 +870,14 @@ 'dos charset' =3D> 'DOS Charset', 'down and up speed' =3D> 'Entrez votre d=C3=A9bit descendant et montant
et cliquez sur Sauvegarder.', 'downlink' =3D> 'Downlink', -'downlink speed' =3D> 'D=C3=A9bit descendant - download (kbit/sec)', +'downlink speed' =3D> 'D=C3=A9bit descendant - download (kbit/sec) ', 'downlink std class' =3D> 'Classe standard de t=C3=A9l=C3=A9chargement ', 'download' =3D> 'T=C3=A9l=C3=A9chargement ', 'download ca certificate' =3D> 'T=C3=A9l=C3=A9chargez le certificat CA', 'download certificate' =3D> 'T=C3=A9l=C3=A9chargez le certificat', 'download dh parameter' =3D> 'T=C3=A9l=C3=A9charger param=C3=A8tres Diffie-H= ellman', 'download host certificate' =3D> 'T=C3=A9l=C3=A9chargez le certificat de l\'= h=C3=B4te', -'download new ruleset' =3D> 'T=C3=A9l=C3=A9chargez un nouveau r=C3=A8glement= ', +'download new ruleset' =3D> 'T=C3=A9l=C3=A9charger de nouvelles r=C3=A8gles', 'download pkcs12 file' =3D> 'T=C3=A9l=C3=A9chargez le fichier PKCS12', 'download root certificate' =3D> 'T=C3=A9l=C3=A9chargez le certificat Root', 'download tls-auth key' =3D> 'T=C3=A9l=C3=A9charger la cl=C3=A9 tls-auth', @@ -1053,9 +1053,9 @@ 'firmware upload' =3D> 'Charger firmware / pilotes', 'first' =3D> 'Premier', 'five minutes' =3D> '5 minutes', -'fixed ip lease added' =3D> 'Bail IP fixe ajout=C3=A9', -'fixed ip lease modified' =3D> 'Bail IP fixe modifi=C3=A9', -'fixed ip lease removed' =3D> 'Bail IP fixe supprim=C3=A9', +'fixed ip lease added' =3D> 'Bail adresse IP fixe ajoute', +'fixed ip lease modified' =3D> 'Bail adresse IP fixe modifie', +'fixed ip lease removed' =3D> 'Bail adresse IP fixe supprime', 'flag' =3D> 'Drap.', 'force update' =3D> 'Forcer la mise =C3=A0 jour', 'force user' =3D> 'Obliger tous les nouveaux fichiers =C3=A0 l\'utilisateur', @@ -1335,7 +1335,7 @@ 'host configuration' =3D> 'Configuration de l\'h=C3=B4te', 'host deny' =3D> 'Liste des h=C3=B4tes non autoris=C3=A9s', 'host ip' =3D> 'Adresse IP de l\'h=C3=B4te ', -'host to net vpn' =3D> 'R=C3=A9seau priv=C3=A9 virtuel (VPN) de l\'h=C3=B4te= au net (client nomade)', +'host to net vpn' =3D> 'R=C3=A9seau priv=C3=A9 virtuel (VPN) de l\'h=C3=B4te= au r=C3=A9seau (client nomade) ', 'hostname' =3D> 'Nom h=C3=B4te ', 'hostname and domain already in use' =3D> 'Le nom d\'h=C3=B4te et de domaine= sont d=C3=A9j=C3=A0 utilis=C3=A9s.', 'hostname cant be empty' =3D> 'Le nom d\'h=C3=B4te ne peut pas =C3=AAtre vid= e.', @@ -1466,7 +1466,7 @@ 'invalid vpi vpci' =3D> 'R=C3=A9glages VPI/VPCI non valide', 'invalid wins address' =3D> 'Adresse du serveur WINS non valide.', 'invert' =3D> 'Inverser', -'ip address' =3D> 'Adresse IP', +'ip address' =3D> 'Adresse IP ', 'ip address in use' =3D> 'Adresse IP d=C3=A9j=C3=A0 en cours d\'utilisation', 'ip address outside subnets' =3D> 'Adresse IP hors des sous-r=C3=A9seaux', 'ip alias added' =3D> 'Alias d\'IP externe ajout=C3=A9e', @@ -1474,7 +1474,7 @@ 'ip alias removed' =3D> 'Alias d\'IP externe supprim=C3=A9e', 'ip info' =3D> 'Information IP', 'ipfire has now rebooted' =3D> 'IPFire va =C3=A0 pr=C3=A9sent red=C3=A9marre= r.', -'ipfire has now shutdown' =3D> 'IPFire va =C3=A0 pr=C3=A9sent s\'=C3=A9teind= re.', +'ipfire has now shutdown' =3D> 'IPFire va =C3=A0 pr=C3=A9sent s\'arr=C3=AAte= r.', 'ipfire side' =3D> 'C=C3=B4t=C3=A9 IPFire :', 'ipfire side is invalid' =3D> 'C=C3=B4t=C3=A9 IPFire non valide.', 'ipfires hostname' =3D> 'Nom d\'h=C3=B4te d\'IPFire ', @@ -1483,9 +1483,9 @@ 'ipsec network' =3D> 'R=C3=A9seau IPsec', 'ipsec no connections' =3D> 'Aucune connexion IPsec active', 'iptable rules' =3D> 'R=C3=A8gles table IP', -'iptmangles' =3D> 'Mangles IPTable', -'iptnats' =3D> 'Traduction d\'adresses r=C3=A9seaux table IP', -'ipts' =3D> 'Tables IP', +'iptmangles' =3D> 'Mangles IPTable ', +'iptnats' =3D> 'Traduction d\'adresses r=C3=A9seaux table IP ', +'ipts' =3D> 'Tables IP ', 'isdn' =3D> 'ISDN', 'isdn settings' =3D> 'R=C3=A9glages ISDN suppl=C3=A9mentaires :', 'isdn1' =3D> 'ISDN unique', @@ -1569,7 +1569,7 @@ 'mac address saved' =3D> 'Sauvegarde r=C3=A9ussie !', 'mac address saved txt' =3D> 'L\'adresse MAC a =C3=A9t=C3=A9 correctement sa= uvegard=C3=A9e, mais les changements prendront effets apr=C3=A8s un red=C3=A9= marrage ou une reconnexion.', 'mac address title' =3D> 'Contr=C3=B4le d\'acc=C3=A8s des adresses MAC', -'mac desc' =3D> 'Ici, vous pouvez changer l\'adresse MAC de ROUGE0. L\'adres= se doit =C3=AAtre saisie en h=C3=A9xad=C3=A9cimal (0-9,a-f), une adresse vali= de est
par exemple 00-01-02-0e-b8-d6 ou 00:01:02:0e:b8:d6.', +'mac desc' =3D> 'Ici, vous pouvez changer l\'adresse MAC de ROUGE0. L\'adres= se doit =C3=AAtre saisie en hexad=C3=A9cimal (0-9,a-f),
une adresse vali= de est par exemple 00-01-02-0e-b8-d6 ou 00:01:02:0e:b8:d6.', 'mac filter' =3D> 'Filtre MAC', 'mac new' =3D> 'Nouvelle adresse MAC :', 'mac1 new' =3D> 'Nouvelle adresse MAC 1 (vdsl-inet) :', @@ -1714,9 +1714,9 @@ 'network time' =3D> 'Utiliser un serveur de temps automatique :', 'network time from' =3D> 'Obtenir l\'heure depuis un serveur de temps automa= tique', 'network traffic graphs' =3D> 'Graphiques de l\'activit=C3=A9 r=C3=A9seau', -'network traffic graphs external' =3D> 'Graphique du trafic net (externe)', -'network traffic graphs internal' =3D> 'Graphique du trafic net (interne)', -'network traffic graphs others' =3D> 'R=C3=A9seau (autres)', +'network traffic graphs external' =3D> 'Graphique du trafic r=C3=A9seau (ext= erne)', +'network traffic graphs internal' =3D> 'Graphique du trafic r=C3=A9seau (int= erne)', +'network traffic graphs others' =3D> 'Graphique de la qualit=C3=A9 r=C3=A9se= au (autres)', 'network updated' =3D> 'R=C3=A9seau personnalis=C3=A9 mis =C3=A0 jour', 'networks settings' =3D> 'R=C3=A9glages pare-feu - r=C3=A9seau', 'never' =3D> 'Jamais', @@ -1878,8 +1878,8 @@ 'ovpn subnet' =3D> 'Sous-r=C3=A9seau OpenVPN (c.a.d. 10.0.10.0/255.255.255.0= )', 'ovpn subnet is invalid' =3D> 'Sous-r=C3=A9seau OpenVPN non valide.', 'ovpn subnet overlap' =3D> 'Le sous-r=C3=A9seau OpenVPN se chevauche avec : = ', +'ovpn warning rfc3280' =3D> 'Votre certificat d\'h=C3=B4te n\'est pas confor= me avec la RFC3280.
Veuillez mettre =C3=A0 jour la derni=C3=A8re version d= \'IPFire et g=C3=A9n=C3=A9rer d=C3=A8s que possible un nouveau certificat rac= ine et h=C3=B4te.

Tous les clients OpenVPN doivent ensuite =C3=AAtre = renouvel=C3=A9s !
', 'ovpn_fastio' =3D> 'Fast-IO', -'ovpn_fragment' =3D> 'Taille des fragments', 'ovpn_mssfix' =3D> 'Taille MSSFIX', 'ovpn_mtudisc' =3D> 'D=C3=A9couverte MTU', 'ovpn_processprio' =3D> 'Priorit=C3=A9 du processus', @@ -2056,7 +2056,7 @@ 'resetglobals' =3D> 'R=C3=A9initialiser les param=C3=A8tres globaux', 'resetpolicy' =3D> 'R=C3=A9initialiser la politique par d=C3=A9faut', 'resetshares' =3D> 'r=C3=A9initialiser les partages ?', -'resetting the vpn configuration will remove the root ca, the host certifica= te and all certificate based connections' =3D> 'R=C3=A9initialiser la configu= ration VPN va supprimer le CA root, le certificat h=C3=B4te et tous les certi= ficats bas=C3=A9s sur les connexions', +'resetting the vpn configuration will remove the root ca, the host certifica= te and all certificate based connections' =3D> 'R=C3=A9initialiser la configu= ration VPN va supprimer le CA root, le certificat h=C3=B4te et tous les certi= ficats bas=C3=A9s sur les connexions ', 'restart' =3D> 'Relancer', 'restart ovpn server' =3D> 'Relancer le serveur OpenVPN', 'restore' =3D> 'Restaurer', @@ -2196,7 +2196,7 @@ 'ssh fingerprint' =3D> 'Empreinte digitale', 'ssh host keys' =3D> 'Clef SSH de l\'h=C3=B4te', 'ssh is disabled' =3D> 'SSH est desactive. Arret.', -'ssh is enabled' =3D> 'SSH est active. Redemarrage.', +'ssh is enabled' =3D> 'SSH est active. Redemarrage.', 'ssh key' =3D> 'Clef', 'ssh key size' =3D> 'Taille (bits)', 'ssh keys' =3D> 'Autoriser l\'authentification par clef publique', @@ -2238,7 +2238,7 @@ 'subject warn' =3D> 'Attention - Le niveau d\'alerte a =C3=A9t=C3=A9 atteint= ', 'subnet' =3D> 'Sous-r=C3=A9seau', 'subnet is invalid' =3D> 'Le masque r=C3=A9seau est non valide', -'subscripted user rules' =3D> 'R=C3=A9gles Sourcefire VRT avec abonnement', +'subscripted user rules' =3D> 'R=C3=A8gles Sourcefire VRT avec abonnement', 'successfully refreshed updates list' =3D> 'La liste des mises =C3=A0 jour a= =C3=A9t=C3=A9 rafra=C3=AEchie avec succ=C3=A8s.', 'summaries kept' =3D> 'Conserver pour les r=C3=A9sum=C3=A9s', 'sunday' =3D> 'Dimanche', @@ -2257,7 +2257,7 @@ 'tcp more reliable' =3D> 'TCP (plus fiable)', 'telephone not set' =3D> 'T=C3=A9l=C3=A9phone non d=C3=A9fini.', 'template' =3D> 'Pr=C3=A9=C3=A9tabli', -'template warning' =3D> 'Vous avez deux options pour =C3=A9tablir la Qos : L= a premi=C3=A8re, vous cliquez sur le bouton de sauvegarde et g=C3=A9n=C3=A9re= z les classes et r=C3=A8gles qui vous conviennent. La seconde, vous cliquez s= ur le bouton pr=C3=A9=C3=A9tabli et les classes et r=C3=A8gles seront mises e= n place par un mod=C3=A8le.', +'template warning' =3D> 'Vous avez deux options pour =C3=A9tablir la Qos : L= a premi=C3=A8re, vous cliquez sur le bouton de sauvegarde et g=C3=A9n=C3=A9re= z les classes et r=C3=A8gles qui vous conviennent.
La seconde, vous clique= z sur le bouton pr=C3=A9=C3=A9tabli et les classes et r=C3=A8gles seront mise= s en place par un mod=C3=A8le.', 'ten minutes' =3D> '10 minutes', 'teovpn_fragment' =3D> 'Taille de fragment', 'test' =3D> 'test', @@ -2299,9 +2299,9 @@ 'tor accounting interval' =3D> 'Interval (UTC)', 'tor accounting limit' =3D> 'Accounting limit (Mo)', 'tor accounting period' =3D> 'Accounting period', -'tor accounting period daily' =3D> 'quotidienne', -'tor accounting period monthly' =3D> 'mensuelle', -'tor accounting period weekly' =3D> 'hebdomadaire', +'tor accounting period daily' =3D> 'Quotidienne', +'tor accounting period monthly' =3D> 'Mensuelle', +'tor accounting period weekly' =3D> 'Hebdomadaire', 'tor acls' =3D> 'Contr=C3=B4le d\'acc=C3=A8s', 'tor allowed subnets' =3D> 'Sous-r=C3=A9seaux allou=C3=A9s (un par ligne)', 'tor bandwidth burst' =3D> 'Max. burst', @@ -2410,7 +2410,7 @@ 'updates is old2' =3D> 'jours. Il est recommand=C3=A9 de le mettre =C3=A0 jo= ur depuis la page Syst=C3=A8me > Mises =C3=A0 jour.', 'updxlrtr 3 months' =3D> 'trois mois', 'updxlrtr 6 months' =3D> 'six mois', -'updxlrtr all files' =3D> 'tous les fichiers ...', +'updxlrtr all files' =3D> 'tous les fichiers...', 'updxlrtr cache dir' =3D> 'R=C3=A9pertoire du cache', 'updxlrtr cache maintenance' =3D> 'Maintenance du cache', 'updxlrtr cache size' =3D> 'Taille du cache (octets)', @@ -2427,7 +2427,7 @@ 'updxlrtr configuration' =3D> 'Mise =C3=A0 jour de l\'acc=C3=A9l=C3=A9rateur= ', 'updxlrtr current downloads' =3D> 'Les fichiers suivants sont en cours de t= =C3=A9l=C3=A9chargement dans le cache local :', 'updxlrtr current files' =3D> 'Les fichiers courants sont dans le cache loca= l', -'updxlrtr daily' =3D> 'quotidiennement', +'updxlrtr daily' =3D> 'Quotidienne', 'updxlrtr data from cache' =3D> 'Donn=C3=A9es du cache (octets)', 'updxlrtr disk usage' =3D> 'Utilisation du disque', 'updxlrtr efficiency index' =3D> 'Indice d\'efficacit=C3=A9 du cache ', @@ -2449,7 +2449,7 @@ 'updxlrtr max disk usage' =3D> 'Utilisation maximum du disque ', 'updxlrtr max download rate' =3D> 'Taux de t=C3=A9l=C3=A9chargement maximum = externe (kbit/s) ', 'updxlrtr month' =3D> 'un mois', -'updxlrtr monthly' =3D> 'mensuellement', +'updxlrtr monthly' =3D> 'Mensuelle', 'updxlrtr not accessed' =3D> 'utilis=C3=A9s la derni=C3=A8re fois depuis', 'updxlrtr not enabled' =3D> 'La mise =C3=A0 jour de l\'acc=C3=A9l=C3=A9rateu= r n\'est pas activ=C3=A9e sur la page web du proxy', 'updxlrtr other' =3D> 'Autre', @@ -2462,7 +2462,7 @@ 'updxlrtr save and restart' =3D> 'Sauvegarder et red=C3=A9marrer', 'updxlrtr source' =3D> 'Source', 'updxlrtr source checkup' =3D> 'V=C3=A9rifications des sources', -'updxlrtr source checkup schedule' =3D> 'Calendrier de v=C3=A9rification des= sources ', +'updxlrtr source checkup schedule' =3D> 'Fr=C3=A9quence de v=C3=A9rification= des sources ', 'updxlrtr sources' =3D> 'Sources', 'updxlrtr standard view' =3D> 'Vue standard', 'updxlrtr statistics' =3D> 'Statistiques', @@ -2478,12 +2478,12 @@ 'updxlrtr used by' =3D> 'Utilis=C3=A9 par', 'updxlrtr web proxy service required' =3D> 'Le proxy web doit =C3=AAtre acti= v=C3=A9 pour utiliser la mise =C3=A0 jour Acc=C3=A9l=C3=A9rateur', 'updxlrtr week' =3D> 'une semaine', -'updxlrtr weekly' =3D> 'hebdomadairement', +'updxlrtr weekly' =3D> 'Hebdomadaire', 'updxlrtr year' =3D> 'une ann=C3=A9e', 'upgrade' =3D> 'Am=C3=A9liorer', 'uplink' =3D> 'Uplink', 'uplink bit rate' =3D> 'Uplink Bit Rate', -'uplink speed' =3D> 'D=C3=A9bit montant - upload (kbit/sec)', +'uplink speed' =3D> 'D=C3=A9bit montant - upload (kbit/sec) ', 'uplink std class' =3D> 'Classe standard de la connexion ', 'upload' =3D> 'Envoi ', 'upload a certificate' =3D> 'Envoyer un certificat :', @@ -2506,19 +2506,19 @@ 'uptime load average' =3D> 'Charge moyenne', 'url filter' =3D> 'Filtre de contenu', 'urlfilter access' =3D> 'Acc=C3=A8s', -'urlfilter activity detection' =3D> 'D=C3=A9tection d\'activit=C3=A9', -'urlfilter add new time constraint rule' =3D> 'Ajouter une nouvelle r=C3=A8g= le de contrainte de temps', -'urlfilter add new user quota rule' =3D> 'Ajouter une nouvelle r=C3=A8gle su= r le quota de l\'utilisateur', +'urlfilter activity detection' =3D> 'D=C3=A9tection d\'activit=C3=A9 ', +'urlfilter add new time constraint rule' =3D> 'Ajouter une nouvelle r=C3=A8g= le de contrainte de temps ', +'urlfilter add new user quota rule' =3D> 'Ajouter une nouvelle r=C3=A8gle su= r le quota de l\'utilisateur ', 'urlfilter add rule' =3D> 'Ajouter', 'urlfilter advanced settings' =3D> 'Param=C3=A8tres avanc=C3=A9s', 'urlfilter allow' =3D> 'Autoriser', 'urlfilter allow access' =3D> 'Autoriser l\'acc=C3=A8s', 'urlfilter allowed domains' =3D> 'Domaines autoris=C3=A9s (un par ligne)', 'urlfilter allowed urls' =3D> 'URLs autoris=C3=A9es (une par ligne)', -'urlfilter assigned quota users' =3D> 'Utilisateurs assign=C3=A9s (un par li= gne)', +'urlfilter assigned quota users' =3D> 'Utilisateurs assign=C3=A9s (un par li= gne) ', 'urlfilter assigned users' =3D> 'Utilisateurs assign=C3=A9s', 'urlfilter automatic blacklist update' =3D> 'Mise =C3=A0 jour automatique de= la liste noire', -'urlfilter automatic update schedule' =3D> 'Mettre =C3=A0 jour le calendrier= automatiquement', +'urlfilter automatic update schedule' =3D> 'Fr=C3=A9quence de mise =C3=A0 jo= ur automatique ', 'urlfilter back to main page' =3D> 'Revenir =C3=A0 la page principale', 'urlfilter background image' =3D> 'Filtre d\'URLs contenant des images de fo= nds', 'urlfilter background text' =3D> 'Afin d\'avoir une image de fond personnali= s=C3=A9e pour les pages bloqu=C3=A9es, envoyez le fichier .jpg', @@ -2526,61 +2526,61 @@ 'urlfilter backup error' =3D> 'Impossible de cr=C3=A9er un fichier de sauveg= arde', 'urlfilter backup settings' =3D> 'Sauvegarder les r=C3=A9glages du filtre d\= 'URL', 'urlfilter banned clients' =3D> 'Adresses IP bannies', -'urlfilter blacklist age 1' =3D> 'La derni=C3=A8re mise =C3=A0 jour de la li= ste noire a =C3=A9t=C3=A9 faite il y a', +'urlfilter blacklist age 1' =3D> 'La derni=C3=A8re mise =C3=A0 jour de la li= ste noire a eu lieu il y a', 'urlfilter blacklist age 2' =3D> 'jours', -'urlfilter blacklist category name' =3D> 'Nom de la cat=C3=A9gorie de la lis= te noire', +'urlfilter blacklist category name' =3D> 'Nom de la cat=C3=A9gorie de la lis= te noire ', 'urlfilter blacklist editor' =3D> 'Editeur de liste noire', 'urlfilter blacklist editor info' =3D> 'Cr=C3=A9er et =C3=A9diter votre prop= re fichier de liste noire', 'urlfilter blacklist name' =3D> 'Nom de la liste noire', 'urlfilter blacklist update' =3D> 'Mise =C3=A0 jour de la liste noire', 'urlfilter block' =3D> 'Bloquer', 'urlfilter block access' =3D> 'Bloquer l\'acc=C3=A8s', -'urlfilter block all' =3D> 'Bloquer toutes les url non autoris=C3=A9es expli= citement', +'urlfilter block all' =3D> 'Bloquer toutes les url non autoris=C3=A9es expli= citement ', 'urlfilter block archives' =3D> 'Bloquer fichiers d\'archives compress=C3=A9= s ', 'urlfilter block audio-video' =3D> 'Bloquer fichiers audio / vid=C3=A9o ', 'urlfilter block categories' =3D> 'Bloquer cat=C3=A9gories', 'urlfilter block executables' =3D> 'Bloquer fichiers ex=C3=A9cutables ', -'urlfilter block ip' =3D> 'Bloquer sites atteints par leur IP', -'urlfilter block settings' =3D> ' R=C3=A9glages filtre URL', +'urlfilter block ip' =3D> 'Bloquer les sites atteints par leur IP ', +'urlfilter block settings' =3D> ' R=C3=A9glages de filtre URL', 'urlfilter blocked domains' =3D> 'Domaines bloqu=C3=A9s (un par ligne)', 'urlfilter blocked expressions' =3D> 'Expressions bloqu=C3=A9es (comme expre= ssions r=C3=A9guli=C3=A8res)', 'urlfilter blocked urls' =3D> 'URL bloqu=C3=A9es (une par ligne)', 'urlfilter category' =3D> 'Cat=C3=A9gorie', 'urlfilter category all' =3D> 'tout', 'urlfilter category data error' =3D> 'Liste noire vide', -'urlfilter category log' =3D> 'Classer les journaux par cat=C3=A9gorie', +'urlfilter category log' =3D> 'Classer les journaux par cat=C3=A9gorie ', 'urlfilter category name error' =3D> 'Nom cat=C3=A9gorie liste noire requis', 'urlfilter client' =3D> 'Client', 'urlfilter configuration' =3D> 'Configuration filtre URL', 'urlfilter constraint definition' =3D> 'D=C3=A9finition', -'urlfilter constraint outside' =3D> 'Dehors', -'urlfilter constraint within' =3D> 'Dedans', +'urlfilter constraint outside' =3D> 'Hors', +'urlfilter constraint within' =3D> 'Avec', 'urlfilter copy rule' =3D> 'Copie', -'urlfilter current files' =3D> 'Fichiers courant du d=C3=A9p=C3=B4t local', +'urlfilter current files' =3D> 'Fichiers courant du d=C3=A9p=C3=B4t local ', 'urlfilter custom blacklist' =3D> 'Liste noire perso', 'urlfilter custom expression list' =3D> 'Liste de mots cl=C3=A9s perso', -'urlfilter custom url' =3D> 'Source URL perso', +'urlfilter custom url' =3D> 'Source URL perso ', 'urlfilter custom url required' =3D> 'Source URL perso requise', 'urlfilter custom whitelist' =3D> 'Liste blanche perso', -'urlfilter daily' =3D> 'quotidiennement', +'urlfilter daily' =3D> 'Quotidienne', 'urlfilter disabled' =3D> 'd=C3=A9sactiv=C3=A9', 'urlfilter domains' =3D> 'Domaine (un par ligne)', -'urlfilter dont restart urlfilter' =3D> 'Ne pas red=C3=A9marrer filtre URL', +'urlfilter dont restart urlfilter' =3D> 'Ne pas red=C3=A9marrer le filtre UR= L ', 'urlfilter dst' =3D> 'Destination', 'urlfilter dst error' =3D> 'Il doit y avoir au moins une cat=C3=A9gorie s=C3= =A9lectionn=C3=A9e', 'urlfilter edit domains urls expressions' =3D> 'Modifier domaines, URLs et e= xpressions', 'urlfilter edit time constraint rule' =3D> 'Modifier une r=C3=A8gle existant= e de contrainte de temps', 'urlfilter edit user quota rule' =3D> 'Modifier une r=C3=A8gle de quota util= isateur', -'urlfilter empty ads' =3D> 'Bloquer "pubs" avec fen=C3=AAtre vide', +'urlfilter empty ads' =3D> 'Bloquer "pubs" avec fen=C3=AAtre vide ', 'urlfilter empty repository' =3D> 'Fichier du d=C3=A9pot local est vide', -'urlfilter enable automatic blacklist update' =3D> 'Activer mise =C3=A0 jour= automatique', +'urlfilter enable automatic blacklist update' =3D> 'Activer la mise =C3=A0 j= our automatique ', 'urlfilter enable custom blacklist' =3D> 'Activer liste noire perso ', 'urlfilter enable custom expression list' =3D> 'Activer la liste d\'expressi= ons personnalis=C3=A9es ', 'urlfilter enable custom whitelist' =3D> 'Activer liste blanche perso ', -'urlfilter enable expression lists' =3D> 'Activer la liste de mots cl=C3=A9s= perso', -'urlfilter enable full backup' =3D> 'Inclure liste noire compl=C3=A8te', +'urlfilter enable expression lists' =3D> 'Activer la liste de mots cl=C3=A9s= perso ', +'urlfilter enable full backup' =3D> 'Inclure liste noire compl=C3=A8te ', 'urlfilter enable jpeg' =3D> 'Activer image d\'arri=C3=A8re plan', -'urlfilter enable log' =3D> 'Activer le journal', +'urlfilter enable log' =3D> 'Activer le journal ', 'urlfilter enable rewrite rules' =3D> 'Activer fichier local de redirection = ', 'urlfilter enabled' =3D> 'Activ=C3=A9 :', 'urlfilter example' =3D> 'Exemple : www.domain.com', @@ -2597,7 +2597,7 @@ 'urlfilter from' =3D> 'De', 'urlfilter hourly' =3D> 'par heure', 'urlfilter import blacklist' =3D> 'Importer liste noire', -'urlfilter import text' =3D> 'Pour importer une liste noire pr=C3=A9c=C3=A9d= emment sauv=C3=A9e, charger le fichier .tar.gz suivant', +'urlfilter import text' =3D> 'Pour importer une liste noire pr=C3=A9c=C3=A9d= emment sauv=C3=A9e, charger le fichier .tar.gz suivant ', 'urlfilter install blacklist' =3D> 'Installer liste noire', 'urlfilter install information' =3D> 'La nouvelle liste noire va =C3=AAtre a= utomatiquement compil=C3=A9e pour pr=C3=A9parer les bases de donn=C3=A9es. Ce= ci peut durer plusieurs minutes et d=C3=A9pend de la taille de la liste noire= .', 'urlfilter invalid content' =3D> 'Le fichier n\'est pas une liste noire comp= atible squidGuard', @@ -2612,17 +2612,17 @@ 'urlfilter log viewer' =3D> 'Rapport de filtre URL', 'urlfilter logs' =3D> 'Rapports de filtre URL', 'urlfilter maintenance' =3D> 'Maintenance filtre URL', -'urlfilter manage local file repository' =3D> 'G=C3=A9rer fichier de d=C3=A9= p=C3=B4t local', +'urlfilter manage local file repository' =3D> 'G=C3=A9rer fichier de d=C3=A9= p=C3=B4t local ', 'urlfilter manage repository' =3D> 'G=C3=A9rer d=C3=A9p=C3=B4t', 'urlfilter minutes' =3D> 'minutes', 'urlfilter mode allow' =3D> 'autoriser', 'urlfilter mode block' =3D> 'bloquer', 'urlfilter mon' =3D> 'Lun', 'urlfilter monday' =3D> 'Lundi', -'urlfilter monthly' =3D> 'Mensuellement', -'urlfilter msg text 1' =3D> 'Message ligne 1', -'urlfilter msg text 2' =3D> 'Message ligne 2', -'urlfilter msg text 3' =3D> 'Message ligne 3', +'urlfilter monthly' =3D> 'Mensuelle', +'urlfilter msg text 1' =3D> 'Message ligne 1 ', +'urlfilter msg text 2' =3D> 'Message ligne 2 ', +'urlfilter msg text 3' =3D> 'Message ligne 3 ', 'urlfilter network access control' =3D> 'Contr=C3=B4le d\'acc=C3=A8s r=C3=A9= seau en fonction', 'urlfilter no categories' =3D> 'Aucune cat=C3=A9gorie disponible', 'urlfilter not enabled' =3D> 'Filtre URL n\'est pas activ=C3=A9 sur le proxy= page web', @@ -2630,10 +2630,10 @@ 'urlfilter quota time error' =3D> 'Valeur non valide pour quota de temps', 'urlfilter quota user error' =3D> 'Au moins un nom d\'utilisateur est requis= ', 'urlfilter redirect template' =3D> 'Redirection mod=C3=A8le de page', -'urlfilter redirectpage' =3D> 'Redirige vers cette URL', +'urlfilter redirectpage' =3D> 'Redirige vers cette URL ', 'urlfilter remove file' =3D> 'Supprime le fichier du d=C3=A9p=C3=B4t', 'urlfilter renewal' =3D> 'Renouvellement', -'urlfilter renewal period' =3D> 'P=C3=A9riode de renouvellement', +'urlfilter renewal period' =3D> 'P=C3=A9riode de renouvellement ', 'urlfilter repository information' =3D> 'Les requ=C3=AAtes de t=C3=A9l=C3=A9= chargement pour ces fichiers seront redirig=C3=A9es depuis la source original= e vers le fichier local du d=C3=A9p=C3=B4t.', 'urlfilter reset' =3D> 'Remettre =C3=A0 z=C3=A9ro', 'urlfilter restart' =3D> 'Red=C3=A9marrer filtre URL', @@ -2643,21 +2643,21 @@ 'urlfilter restore results' =3D> 'Restaurer r=C3=A9sultats', 'urlfilter restore settings' =3D> 'Restaurer param=C3=A8tres filtre URL', 'urlfilter restore success' =3D> 'Configuration filtre URL restaur=C3=A9e. F= iltre URL doit =C3=AAtre red=C3=A9marr=C3=A9 pour activer les nouveaux param= =C3=A8tres.', -'urlfilter restore text' =3D> 'Pour restaurer une configuration pr=C3=A9c=C3= =A9demment sauv=C3=A9e, charger le fichier de sauvegarde .tar.gz suivant', -'urlfilter safesearch' =3D> 'Activer SafeSearch', +'urlfilter restore text' =3D> 'Pour restaurer une configuration pr=C3=A9c=C3= =A9demment sauv=C3=A9e, charger le fichier de sauvegarde .tar.gz suivant ', +'urlfilter safesearch' =3D> 'Activer SafeSearch ', 'urlfilter sat' =3D> 'Sam', 'urlfilter saturday' =3D> 'Samedi', 'urlfilter save and restart' =3D> 'Sauvegarder et red=C3=A9marrer', 'urlfilter save schedule' =3D> 'Valider param=C3=A8tres de mise =C3=A0 jour', -'urlfilter select blacklist' =3D> 'S=C3=A9lectionner liste noire existante', +'urlfilter select blacklist' =3D> 'Choisir une liste noire existante ', 'urlfilter select multi' =3D> 'Presser \'Ctrl\' pour s=C3=A9lectionner plusi= eurs cat=C3=A9gories', -'urlfilter select source' =3D> 'S=C3=A9lectionner source de t=C3=A9l=C3=A9ch= argement', +'urlfilter select source' =3D> 'Choisir une source de t=C3=A9l=C3=A9chargeme= nt ', 'urlfilter set time constraints' =3D> 'Fixer les contraintes de temps', 'urlfilter set user quota' =3D> 'Fixer quotas utilisateur', -'urlfilter show category' =3D> 'Montrer la cat=C3=A9gorie de page bloqu=C3= =A9e', -'urlfilter show dnserror' =3D> 'Utiliser "DNS Error" pour les url bloqu=C3= =A9es', -'urlfilter show ip' =3D> 'Montrer adresse IP page bloqu=C3=A9e', -'urlfilter show url' =3D> 'Montrer adresse url page bloqu=C3=A9e', +'urlfilter show category' =3D> 'Montrer la cat=C3=A9gorie de page bloqu=C3= =A9e ', +'urlfilter show dnserror' =3D> 'Utiliser "Erreur DNS" pour les url bloqu=C3= =A9es ', +'urlfilter show ip' =3D> 'Montrer adresse IP page bloqu=C3=A9e ', +'urlfilter show url' =3D> 'Montrer adresse url page bloqu=C3=A9e ', 'urlfilter source' =3D> 'H=C3=B4te(s) ou r=C3=A9seau(x) source(s)', 'urlfilter src' =3D> 'Source', 'urlfilter src error' =3D> 'Source ne peut =C3=AAtre vide', @@ -2671,7 +2671,7 @@ 'urlfilter time space' =3D> 'Espace temps', 'urlfilter timebased access control' =3D> 'Contr=C3=B4le d\'acc=C3=A8s bas= =C3=A9 sur le temps', 'urlfilter timespace error' =3D> 'Erreur dans la d=C3=A9claration d\'espace/= temps', -'urlfilter to' =3D> 'Vers', +'urlfilter to' =3D> 'A', 'urlfilter tue' =3D> 'Mar', 'urlfilter tuesday' =3D> 'Mardi', 'urlfilter unfiltered clients' =3D> 'Adresses IP non filtr=C3=A9es', @@ -2684,23 +2684,23 @@ 'urlfilter upload blacklist' =3D> 'T=C3=A9l=C3=A9charger liste noire', 'urlfilter upload file' =3D> 'T=C3=A9l=C3=A9charger fichier', 'urlfilter upload file information 1' =3D> 'Note', -'urlfilter upload file information 2' =3D> 'Filtre URL doit =C3=AAtre red=C3= =A9marr=C3=A9 pour activer les changements du d=C3=A9pot.', -'urlfilter upload file text' =3D> 'Pour ajouter un fichier au d=C3=A9pot loc= al, charger le fichier suivant', -'urlfilter upload information' =3D> 'La nouvelle liste noire va =C3=AAtre au= tomatiquement compil=C3=A9e pour pr=C3=A9parer les bases de donn=C3=A9es. Le = temps d=C3=A9pend de la taille de la liste noire et peut durer plusieurs minu= tes. Attendre la fin de cette t=C3=A2che pour relancer filtre URL.', +'urlfilter upload file information 2' =3D> 'Le filtre URL doit =C3=AAtre red= =C3=A9marr=C3=A9 pour activer les changements du d=C3=A9pot.', +'urlfilter upload file text' =3D> 'Pour ajouter un fichier au d=C3=A9pot loc= al, charger le fichier suivant ', +'urlfilter upload information' =3D> 'La nouvelle liste noire va =C3=AAtre au= tomatiquement compil=C3=A9e pour pr=C3=A9parer les bases de donn=C3=A9es.
= Le temps d=C3=A9pend de la taille de la liste noire et peut durer plusieurs m= inutes. Veuillez attendre la fin de cette t=C3=A2che pour relancer le filtre = URL.', 'urlfilter upload success' =3D> 'Chargement liste noire compl=C3=A9t=C3=A9 a= vec succ=C3=A8s.', -'urlfilter upload text' =3D> 'Pour installer une mise =C3=A0 jour, uploader = le fichier .tar.gz suivant', +'urlfilter upload text' =3D> 'Pour installer une mise =C3=A0 jour, uploader = le fichier .tar.gz suivant ', 'urlfilter url filter' =3D> 'Filtre d\'URL', -'urlfilter urlfilter blacklist editor' =3D> 'Editeur de la liste noire du fi= ltre d\'URL', +'urlfilter urlfilter blacklist editor' =3D> 'Editeur de la liste noire du fi= ltre d\'URL ', 'urlfilter urls' =3D> 'URLs (une par ligne)', -'urlfilter user time quota' =3D> 'Quota de temps (en minutes)', +'urlfilter user time quota' =3D> 'Quota de temps (en minutes) ', 'urlfilter username' =3D> 'Nom d\'utilisateur', -'urlfilter username log' =3D> 'Log identifiant', +'urlfilter username log' =3D> 'Log identifiant ', 'urlfilter web proxy service required' =3D> 'Le service proxy web doit =C3= =AAtre activ=C3=A9 pour utiliser les filtres d\'URL', 'urlfilter wed' =3D> 'Mer', 'urlfilter wednesday' =3D> 'Mercredi', 'urlfilter weekday error' =3D> 'Au moins un jour doit =C3=AAtre s=C3=A9lecti= onn=C3=A9', -'urlfilter weekly' =3D> 'hebdomadairement', -'urlfilter whitelist always allowed' =3D> 'Autoriser une liste blanche perso= nnalis=C3=A9e de clients bannis', +'urlfilter weekly' =3D> 'Hebdomadaire', +'urlfilter whitelist always allowed' =3D> 'Autoriser une liste blanche perso= nnalis=C3=A9e de clients bannis ', 'urlfilter wrong filetype' =3D> 'Le fichier n\'a pas l\'extension .tar.gz', 'use' =3D> 'Utiliser', 'use a pre-shared key' =3D> 'Utiliser une cl=C3=A9 pr=C3=A9-partag=C3=A9e :', @@ -2737,13 +2737,13 @@ 'vpn aggrmode' =3D> 'Mode agressif IKE autoris=C3=A9. Eviter si possible (la= cl=C3=A9 pr=C3=A9-partag=C3=A9e est transmise en clair) !', 'vpn altname syntax' =3D> 'SubjectAltName est une liste s=C3=A9par=C3=A9e pa= r des virgules d\'email, DNS, URI, RID et de les objets du IP.
Email: u= ne adresse d\'email. Email Syntaxe: copie prend le champ email du certificat = =C3=A0 =C3=AAtre utilis=C3=A9.
DNS: un nom de domaine valide.
URI= : tout URI valide.
RID: identificateur d\'objet enregistr=C3=A9.
= IP: une adresse IP.
Remarque : Jeu de caract=C3=A8res est limit=C3=A9 e= t le cas est significatif.
Exemple :
email :info(a)ipfire.o= rg, email :copier, DNS:www.ipfire.org, IP:127.0.0.1, = URI:http://url/quelque/chose', 'vpn auth-dn' =3D> 'Le pair est identifi=C3=A9 par soit IPV4_ADDR, FQDN, USE= R_FQDN ou la chaine DER_ASN1_DN dans le champ Remote ID', -'vpn broken' =3D> 'Broken', +'vpn broken' =3D> 'Rompu', 'vpn configuration main' =3D> 'VPN configuration - Principal', 'vpn connecting' =3D> 'CONNEXION', -'vpn delayed start' =3D> 'D=C3=A9lai avant le lancement du VPN (secondes)', +'vpn delayed start' =3D> 'D=C3=A9lai avant le lancement du VPN (secondes) ', 'vpn delayed start help' =3D> 'Si requis, ce d=C3=A9lai peut =C3=AAtre utili= s=C3=A9 pour autoriser les mises =C3=A0 jour de DNS dynamique =C3=A0 la propa= gation appropri=C3=A9e. 60 est une valeur souvent utilis=C3=A9e lorsque l\'in= terface ROUGE est une IP dynamique.', 'vpn force mobike' =3D> 'Force using MOBIKE (only IKEv2)', -'vpn inactivity timeout' =3D> 'Inactivity Timeout', +'vpn inactivity timeout' =3D> 'D=C3=A9lai d=C3=A9pass=C3=A9 inactivit=C3=A9', 'vpn incompatible use of defaultroute' =3D> 'hostname=3D%defaultroute non ad= mis', 'vpn keyexchange' =3D> 'Keyexchange', 'vpn local id' =3D> 'ID Local', @@ -2755,10 +2755,10 @@ 'vpn on orange' =3D> 'VPN sur ORANGE', 'vpn on-demand' =3D> 'A-LA-DEMANDE', 'vpn payload compression' =3D> 'N=C3=A9gocier la compression de charge utile= ', -'vpn red name' =3D> 'IP publique ou nom de domaine complet pour l\'interface= ROUGE ou <%defaultroute>', +'vpn red name' =3D> 'IP publique ou nom de domaine complet pour l\'interface= ROUGE ou <%defaultroute> ', 'vpn remote id' =3D> 'ID distant', 'vpn start action' =3D> 'D=C3=A9marrer l\'action', -'vpn start action add' =3D> 'Attendre l\'initiation de la connexion', +'vpn start action add' =3D> 'Attendre l\'initialisation de la connexion', 'vpn start action route' =3D> 'A la demande', 'vpn start action start' =3D> 'Toujours d=C3=A9marr=C3=A9', 'vpn statistic n2n' =3D> 'Stats OpenVPN (site-=C3=A0-site)', @@ -2802,7 +2802,7 @@ 'wlan client ccmp' =3D> 'CCMP', 'wlan client configuration' =3D> 'Configuration client sans fil', 'wlan client disconnected' =3D> 'D=C3=A9connect=C3=A9', -'wlan client duplicate ssid' =3D> 'Duplicate SSID', +'wlan client duplicate ssid' =3D> 'SSID en double', 'wlan client eap authentication method' =3D> 'M=C3=A9thode d\'authentificati= on EAP', 'wlan client eap phase2 method' =3D> 'M=C3=A9thode phase 2 EAP', 'wlan client eap state' =3D> 'Statut EAP', @@ -2813,21 +2813,21 @@ 'wlan client encryption wep' =3D> 'WEP', 'wlan client encryption wpa' =3D> 'WPA', 'wlan client encryption wpa2' =3D> 'WPA2', -'wlan client group cipher' =3D> 'Group cipher', +'wlan client group cipher' =3D> 'Chiffrer groupe', 'wlan client group key algorithm' =3D> 'GKA', 'wlan client identity' =3D> 'Identit=C3=A9', 'wlan client invalid key length' =3D> 'Longueur de cl=C3=A9 invalide.', 'wlan client method' =3D> 'M=C3=A9thode', 'wlan client new entry' =3D> 'Cr=C3=A9er une nouvelle configuration de clien= t sans fil', 'wlan client new network' =3D> 'Nouveau r=C3=A9seau', -'wlan client pairwise cipher' =3D> 'Pairwise cipher', +'wlan client pairwise cipher' =3D> 'Chiffrer par paire', 'wlan client pairwise key algorithm' =3D> 'PKA', -'wlan client pairwise key group key' =3D> 'Pairwise key/group key', +'wlan client pairwise key group key' =3D> 'Cl=C3=A9 par paire / cl=C3=A9 de = groupe', 'wlan client password' =3D> 'Mot de passe', -'wlan client psk' =3D> 'Pre-shared key', +'wlan client psk' =3D> 'Cl=C3=A9 pr=C3=A9-partag=C3=A9e', 'wlan client ssid' =3D> 'SSID', 'wlan client tkip' =3D> 'TKIP', -'wlan client tls cipher' =3D> 'TLS Cipher', +'wlan client tls cipher' =3D> 'Chiffrer TLS', 'wlan client tls version' =3D> 'Version TLS', 'wlan client wpa mode' =3D> 'Mode WPA', 'wlan client wpa mode all' =3D> 'Auto', @@ -2847,6 +2847,8 @@ 'wlanap invalid wpa' =3D> 'Longueur non valide dans la Passphrase WPA. Doit = comporter entre 8 et 63 caract=C3=A8res.', 'wlanap link dhcp' =3D> 'Configuration DHCP du r=C3=A9seau local sans fil', 'wlanap link wireless' =3D> 'Activer les clients LAN sans fil', +'wlanap neighbor scan' =3D> 'Balayage des r=C3=A9seaux proches', +'wlanap neighbor scan warning' =3D> 'Attention ! La d=C3=A9sactivation peut = enfreindre les r=C3=A8gles r=C3=A9glementaires !', 'wlanap no interface' =3D> 'L\'interface choisie n\'est pas une carte LAN sa= ns fil !', 'wlanap none' =3D> 'aucun', 'wlanap notifications' =3D> 'Notifications', diff --git a/lfs/bind b/lfs/bind index c2530b174..44b649fcb 100644 --- a/lfs/bind +++ b/lfs/bind @@ -25,7 +25,7 @@ =20 include Config =20 -VER =3D 9.11.5 +VER =3D 9.11.5-P1 =20 THISAPP =3D bind-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -43,7 +43,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 17a0d02102117c9a221e857cf2cc8157 +$(DL_FILE)_MD5 =3D 2825d818db51008f88a0030507edfa8a =20 install : $(TARGET) =20 diff --git a/lfs/clamav b/lfs/clamav index 420ee82b3..a6e44ebf2 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 0.100.2 +VER =3D 0.101.1 =20 THISAPP =3D clamav-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D clamav -PAK_VER =3D 41 +PAK_VER =3D 43 =20 DEPS =3D "" =20 @@ -50,7 +50,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 253dd79dd57da759567e42543a569c5c +$(DL_FILE)_MD5 =3D 9c137d6172f6e132e08e61fe25b636f8 =20 install : $(TARGET) =20 diff --git a/lfs/configroot b/lfs/configroot index 4701d9e39..3cdd780fc 100644 --- a/lfs/configroot +++ b/lfs/configroot @@ -62,7 +62,7 @@ $(TARGET) : =20 # Touch empty files for i in auth/users backup/include.user backup/exclude.user \ - captive/settings captive/agb.txt captive/clients captive/voucher_out ce= rts/index.txt ddns/config ddns/settings ddns/ipcache dhcp/settings \ + captive/settings captive/agb.txt captive/clients captive/voucher_out ce= rts/index.txt certs/index.txt.attr ddns/config ddns/settings ddns/ipcache dhc= p/settings \ dhcp/fixleases dhcp/advoptions dhcp/dhcpd.conf.local dns/settings dnsfo= rward/config ethernet/aliases ethernet/settings ethernet/known_nics ethernet/= scanned_nics \ ethernet/wireless extrahd/scan extrahd/devices extrahd/partitions extra= hd/settings firewall/settings firewall/config firewall/geoipblock firewall/in= put firewall/outgoing \ fwhosts/customnetworks fwhosts/customhosts fwhosts/customgroups fwhosts= /customservicegrp fwhosts/customgeoipgrp fwlogs/ipsettings fwlogs/portsetting= s \ @@ -98,7 +98,6 @@ $(TARGET) : cp $(DIR_SRC)/config/cfgroot/ssh-settings $(CONFIG_ROOT)/remote/settings cp $(DIR_SRC)/config/cfgroot/time-settings $(CONFIG_ROOT)/time/settings cp $(DIR_SRC)/config/cfgroot/logging-settings $(CONFIG_ROOT)/logging/settin= gs - cp $(DIR_SRC)/config/cfgroot/useragents $(CONFIG_ROOT)/proxy/advanced cp $(DIR_SRC)/config/cfgroot/ethernet-vlans $(CONFIG_ROOT)/ethernet/vlans cp $(DIR_SRC)/langs/list $(CONFIG_ROOT)/langs/ cp $(DIR_SRC)/config/firewall/convert-xtaccess /usr/sbin/convert-xtaccess diff --git a/lfs/fireinfo b/lfs/fireinfo index df736e0f3..2e6d1e94c 100644 --- a/lfs/fireinfo +++ b/lfs/fireinfo @@ -73,6 +73,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) =20 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Don-t-crash-w= hen-proc-cpuinfo-doesn-t-have-any-infor.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-Ignore-any-sy= stems-with-ID-Default-string.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/fireinfo-support-upstr= eam-proxy-with-authentication.patch =20 cd $(DIR_APP) && [ -x "configure" ] || sh ./autogen.sh cd $(DIR_APP) && ./configure --prefix=3D/usr diff --git a/lfs/grub b/lfs/grub index 1a10c2aa5..e6131f2f5 100644 --- a/lfs/grub +++ b/lfs/grub @@ -99,6 +99,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @rm -rf $(DIR_APP) $(DIR_APP_EFI) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(D= L_FILE) =20 cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.02_disable_vga_= fallback.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/grub-2.02-xfs-accept-f= ilesystem-with-sparse-inodes.patch =20 # Install unifont cp -v $(DIR_DL)/unifont-7.0.03.pcf.gz $(DIR_APP)/unifont.pcf.gz diff --git a/lfs/haproxy b/lfs/haproxy index da56f889d..51414d8b6 100644 --- a/lfs/haproxy +++ b/lfs/haproxy @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D haproxy -PAK_VER =3D 7 +PAK_VER =3D 8 =20 DEPS =3D "" =20 diff --git a/lfs/initscripts b/lfs/initscripts index bdab03dfe..c053b7115 100644 --- a/lfs/initscripts +++ b/lfs/initscripts @@ -155,6 +155,9 @@ $(TARGET) : ln -sf ../init.d/leds /etc/rc.d/rc3.d/S21leds ln -sf ../init.d/leds /etc/rc.d/rc6.d/K79leds ln -sf ../init.d/fireinfo /etc/rc.d/rc3.d/S15fireinfo + ln -sf ../init.d/conntrackd /etc/rc.d/rc0.d/K77conntrackd + ln -sf ../init.d/conntrackd /etc/rc.d/rc3.d/S22conntrackd + ln -sf ../init.d/conntrackd /etc/rc.d/rc6.d/K77conntrackd ln -sf ../init.d/mountkernfs /etc/rc.d/rcsysinit.d/S00mountkernfs ln -sf ../init.d/sysctl /etc/rc.d/rcsysinit.d/S01sysctl ln -sf ../init.d/modules /etc/rc.d/rcsysinit.d/S05modules diff --git a/lfs/ipvsadm b/lfs/ipvsadm index db245b997..6345237f0 100644 --- a/lfs/ipvsadm +++ b/lfs/ipvsadm @@ -24,15 +24,15 @@ =20 include Config =20 -VER =3D 1.26 +VER =3D 1.29 =20 THISAPP =3D ipvsadm-$(VER) -DL_FILE =3D $(THISAPP).tar.gz +DL_FILE =3D $(THISAPP).tar.xz DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D ipvsadm -PAK_VER =3D 1 +PAK_VER =3D 2 =20 DEPS =3D "" =20 @@ -44,7 +44,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D eac3ba3f62cd4dea2da353aeddd353a8 +$(DL_FILE)_MD5 =3D 12f0d3b4d436e941d0c4dbe358144bfd =20 install : $(TARGET) =20 diff --git a/lfs/keepalived b/lfs/keepalived index 6bdd9d3de..8e01e979d 100644 --- a/lfs/keepalived +++ b/lfs/keepalived @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D keepalived -PAK_VER =3D 3 +PAK_VER =3D 5 =20 DEPS =3D "" =20 diff --git a/lfs/libvirt b/lfs/libvirt index de25a3d55..d0742e810 100644 --- a/lfs/libvirt +++ b/lfs/libvirt @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 4.6.0 +VER =3D 4.10.0 =20 THISAPP =3D libvirt-$(VER) DL_FILE =3D $(THISAPP).tar.xz @@ -33,9 +33,9 @@ DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) SUP_ARCH =3D i586 x86_64 PROG =3D libvirt -PAK_VER =3D 17 +PAK_VER =3D 19 =20 -DEPS =3D "jansson libpciaccess libyajl ncat qemu" +DEPS =3D "libpciaccess libyajl ncat qemu" =20 ############################################################################= ### # Top-level Rules @@ -45,7 +45,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 6ea17a8f004a4bcdfc4beaed91fcdddd +$(DL_FILE)_MD5 =3D f85067e830bd89db08b7b7ffa75db6ef =20 install : $(TARGET) check : $(patsubst %,$(DIR_CHK)/%,$(objects)) diff --git a/lfs/linux b/lfs/linux index 346378819..7aac547f9 100644 --- a/lfs/linux +++ b/lfs/linux @@ -34,7 +34,7 @@ DIR_APP =3D $(DIR_SRC)/$(THISAPP) CFLAGS =3D CXXFLAGS =3D =20 -PAK_VER =3D 79 +PAK_VER =3D 80 DEPS =3D "" =20 HEADERS_ARCH =3D $(BUILD_PLATFORM) @@ -211,14 +211,14 @@ ifeq "$(LASTKERNEL)" "1" echo install drm /bin/false > /etc/modprobe.d/framebuffer.conf =20 # Blacklist old framebuffer modules - for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/video/fbdev= / -name *.ko); do \ + for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/video/fbdev= / -name *.ko.xz); do \ echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer.conf ; \ done # Blacklist new drm framebuffer modules - for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/gpu/drm -na= me *.ko); do \ + for f in $$(find /lib/modules/$(VER)-$(VERSUFIX)/kernel/drivers/gpu/drm -na= me *.ko.xz); do \ echo "blacklist $$(basename $$f)" >> /etc/modprobe.d/framebuffer.conf ; \ done=09 - sed -i -e "s|.ko||g" /etc/modprobe.d/framebuffer.conf + sed -i -e "s|.ko.xz||g" /etc/modprobe.d/framebuffer.conf =20 # Disable ipv6 at runtime echo "options ipv6 disable_ipv6=3D1" > /etc/modprobe.d/ipv6.conf diff --git a/lfs/linux-initrd b/lfs/linux-initrd index 3f0a80739..f5bd4527b 100644 --- a/lfs/linux-initrd +++ b/lfs/linux-initrd @@ -71,13 +71,13 @@ ifeq "$(KCFG)" "-kirkwood" endif =20 ifeq "$(KCFG)" "-multi" -ifeq "$(BUILD_ARCH)" "aarch64" - cd /boot && mkimage -A arm64 -T ramdisk -C lzma -d initramfs-$(KVER)-$(VERS= UFIX).img uInit-$(KVER)-$(VERSUFIX) - # dont remove initramfs because grub need this to boot. -else cd /boot && mkimage -A arm -T ramdisk -C lzma -d initramfs-$(KVER)-$(VERSUF= IX).img uInit-$(KVER)-$(VERSUFIX) cd /boot && rm initramfs-$(KVER)-$(VERSUFIX).img endif + +ifeq "$(BUILD_ARCH)" "aarch64" + cd /boot && mkimage -A arm64 -T ramdisk -C lzma -d initramfs-$(KVER)-$(VERS= UFIX).img uInit-$(KVER)-$(VERSUFIX) + # dont remove initramfs because grub need this to boot. endif =20 endif diff --git a/lfs/mc b/lfs/mc index 1aa07c133..6600702e5 100644 --- a/lfs/mc +++ b/lfs/mc @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 4.8.20 +VER =3D 4.8.22 =20 THISAPP =3D mc-$(VER) DL_FILE =3D $(THISAPP).tar.xz @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D mc -PAK_VER =3D 16 +PAK_VER =3D 17 =20 DEPS =3D "" =20 @@ -44,7 +44,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 7f808b01f3f7d9aa52152a9efb86dbca +$(DL_FILE)_MD5 =3D 62bba2bfccadf08eb554321899f475bc =20 install : $(TARGET) =20 diff --git a/lfs/mpd b/lfs/mpd index bf038a81f..25c3e57d7 100644 --- a/lfs/mpd +++ b/lfs/mpd @@ -34,7 +34,7 @@ TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D mpd PAK_VER =3D 19 =20 -DEPS =3D "alsa avahi faad2 ffmpeg flac lame libmad libshout libogg lib= id3tag libvorbis opus" +DEPS =3D "alsa avahi faad2 ffmpeg flac lame libmad libshout libogg lib= id3tag libvorbis opus soxr" =20 ############################################################################= ### # Top-level Rules diff --git a/lfs/pcre b/lfs/pcre index 66b34cc30..dc6621f1c 100644 --- a/lfs/pcre +++ b/lfs/pcre @@ -74,7 +74,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --prefix=3D/usr \ --disable-static \ --enable-utf8 \ - --disable-jit \ + --enable-jit \ --enable-pcre16 \ --enable-pcre32 \ --enable-pcregrep-libz \ diff --git a/lfs/perl-Net-CIDR-Lite b/lfs/perl-Net-CIDR-Lite new file mode 100644 index 000000000..a3c20b42b --- /dev/null +++ b/lfs/perl-Net-CIDR-Lite @@ -0,0 +1,80 @@ +############################################################################= ### +# = # +# IPFire.org - A linux based firewall = # +# Copyright (C) 2007-2018 IPFire Team = # +# = # +# This program is free software: you can redistribute it and/or modify = # +# it under the terms of the GNU General Public License as published by = # +# the Free Software Foundation, either version 3 of the License, or = # +# (at your option) any later version. = # +# = # +# This program is distributed in the hope that it will be useful, = # +# but WITHOUT ANY WARRANTY; without even the implied warranty of = # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the = # +# GNU General Public License for more details. = # +# = # +# You should have received a copy of the GNU General Public License = # +# along with this program. If not, see . = # +# = # +############################################################################= ### + +############################################################################= ### +# Definitions +############################################################################= ### + +include Config + +VER =3D 0.21 + +THISAPP =3D Net-CIDR-Lite-$(VER) +DL_FILE =3D ${THISAPP}.tar.gz +DL_FROM =3D $(URL_IPFIRE) +DIR_APP =3D $(DIR_SRC)/$(THISAPP) +TARGET =3D $(DIR_INFO)/$(THISAPP) + +############################################################################= ### +# Top-level Rules +############################################################################= ### + +objects =3D $(DL_FILE) + +$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) + +$(DL_FILE)_MD5 =3D 12280b3754886b876918f03f53aee4f5 + +install : $(TARGET) + +check : $(patsubst %,$(DIR_CHK)/%,$(objects)) + +download :$(patsubst %,$(DIR_DL)/%,$(objects)) + +md5 : $(subst %,%_MD5,$(objects)) + +dist: + @$(PAK) + +############################################################################= ### +# Downloading, checking, md5sum +############################################################################= ### + +$(patsubst %,$(DIR_CHK)/%,$(objects)) : + @$(CHECK) + +$(patsubst %,$(DIR_DL)/%,$(objects)) : + @$(LOAD) + +$(subst %,%_MD5,$(objects)) : + @$(MD5) + +############################################################################= ### +# Installation Details +############################################################################= ### + +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) + @$(PREBUILD) + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && perl Makefile.PL + cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) + cd $(DIR_APP) && make install + @rm -rf $(DIR_APP) + @$(POSTBUILD) diff --git a/lfs/python b/lfs/python index 35651ba60..66bc3b901 100644 --- a/lfs/python +++ b/lfs/python @@ -1,7 +1,7 @@ ############################################################################= ### # = # # IPFire.org - A linux based firewall = # -# Copyright (C) 2007-2018 IPFire Team = # +# Copyright (C) 2007-2019 IPFire Team = # # = # # This program is free software: you can redistribute it and/or modify = # # it under the terms of the GNU General Public License as published by = # @@ -24,7 +24,9 @@ =20 include Config =20 -VER =3D 2.7.13 +# If you update this make sure that you also change the VER and PAK_VER of +# python-optional-src ! +VER =3D 2.7.15 =20 THISAPP =3D Python-$(VER) DL_FILE =3D $(THISAPP).tar.xz @@ -40,7 +42,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 53b43534153bb2a0363f08bae8b9d990 +$(DL_FILE)_MD5 =3D a80ae3cc478460b922242f43a1b4094d =20 install : $(TARGET) =20 @@ -71,7 +73,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar Jxf $(DIR_DL)/$(DL_FILE) rm -rf $(DIR_APP)/Modules/_ctypes/{darwin,libffi,libffi_arm_wince,libffi_ms= vc,libffi_osx} - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/python-2.7.13-getentro= py.patch cd $(DIR_APP) && OPT=3D"$(CFLAGS)" ./configure \ --prefix=3D/usr \ --enable-shared \ diff --git a/lfs/python-optional-src b/lfs/python-optional-src index 82bb0e894..cb0ac1fa6 100644 --- a/lfs/python-optional-src +++ b/lfs/python-optional-src @@ -1,7 +1,7 @@ ############################################################################= ### # = # # IPFire.org - A linux based firewall = # -# Copyright (C) 2007-2018 IPFire Team = # +# Copyright (C) 2007-2019 IPFire Team = # # = # # This program is free software: you can redistribute it and/or modify = # # it under the terms of the GNU General Public License as published by = # @@ -24,12 +24,12 @@ =20 include Config =20 -VER =3D 2.7.10 +VER =3D 2.7.15 =20 include python =20 PROG =3D python-optional-src -PAK_VER =3D 4 +PAK_VER =3D 5 DEPS =3D =20 dist:=20 diff --git a/lfs/snort b/lfs/snort index 813c05c14..e7b5a19f7 100644 --- a/lfs/snort +++ b/lfs/snort @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 2.9.11.1 +VER =3D 2.9.12 =20 THISAPP =3D snort-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 378e3938b2b5c8e358f942d0ffce18cc +$(DL_FILE)_MD5 =3D 3a305d9c44bd0319aa50783a60c8947f =20 install : $(TARGET) =20 @@ -75,7 +75,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --sysconfdir=3D/etc/snort \ --target=3Di586 \ --enable-linux-smp-stats \ - --enable-gre --enable-mpls \ + --disable-open-appid \ + --enable-gre \ + --enable-mpls \ --enable-targetbased \ --enable-ppm \ --enable-non-ether-decoders \ diff --git a/lfs/sqlite b/lfs/sqlite index 467e01805..8f02634cd 100644 --- a/lfs/sqlite +++ b/lfs/sqlite @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 3250200 +VER =3D 3260000 =20 THISAPP =3D sqlite-autoconf-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D bfade31d59f58badc51aeaa6ae26a5de +$(DL_FILE)_MD5 =3D ac2b3b8cd3a97600e36fb8e756e8dda1 =20 install : $(TARGET) =20 diff --git a/lfs/squid b/lfs/squid index 11b84d719..6033ab394 100644 --- a/lfs/squid +++ b/lfs/squid @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 3.5.28 +VER =3D 4.5 =20 THISAPP =3D squid-$(VER) DL_FILE =3D $(THISAPP).tar.xz @@ -42,7 +42,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 9367e0375ea53ba0e99f77054d4402c5 +$(DL_FILE)_MD5 =3D 8275da5846f9f2243ad2625e5aef2ee0 =20 install : $(TARGET) =20 @@ -72,9 +72,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar xaf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squid/01_Certificate_= fields_injection_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch - cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/squid/02_Fix_memory_l= eak_when_parsing_SNMP_packet_313.patch - cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-3.5.28-fi= x-max-file-descriptors.patch + cd $(DIR_APP) && patch -Np0 -i $(DIR_SRC)/src/patches/squid/squid-4.5-fix-m= ax-file-descriptors.patch =20 cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP)/libltdl && autoreconf -vfi @@ -125,7 +123,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --enable-zph-qos \ --with-dl \ --with-filedescriptors=3D$$(( 16384 * 64 )) \ - --with-large-files + --with-large-files \ + --without-gnutls \ + --without-netfilter-conntrack =20 cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/lfs/tar b/lfs/tar index cbab6c2a9..953613d51 100644 --- a/lfs/tar +++ b/lfs/tar @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.30 +VER =3D 1.31 =20 THISAPP =3D tar-$(VER) DL_FILE =3D $(THISAPP).tar.bz2 @@ -50,7 +50,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 8404e4c1fc5a3000228ab2b8ad674a65 +$(DL_FILE)_MD5 =3D 77afa35b696c8d760331fa0e12c2fac9 =20 install : $(TARGET) =20 @@ -80,6 +80,9 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE) + + cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/tar/01_extract.c.patch + cd $(DIR_APP) && ./configure $(EXTRA_CONFIG) FORCE_UNSAFE_CONFIGURE=3D1 cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/lfs/transmission b/lfs/transmission index 5de887c43..4eac88bd9 100644 --- a/lfs/transmission +++ b/lfs/transmission @@ -1,7 +1,7 @@ ############################################################################= ### # = # # IPFire.org - A linux based firewall = # -# Copyright (C) 2007-2018 IPFire Team = # +# Copyright (C) 2007-2019 IPFire Team = # # = # # This program is free software: you can redistribute it and/or modify = # # it under the terms of the GNU General Public License as published by = # @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 2.92 +VER =3D 2.94 =20 THISAPP =3D transmission-$(VER) DL_FILE =3D $(THISAPP).tar.xz @@ -32,7 +32,7 @@ DL_FROM =3D $(URL_IPFIRE) DIR_APP =3D $(DIR_SRC)/$(THISAPP) TARGET =3D $(DIR_INFO)/$(THISAPP) PROG =3D transmission -PAK_VER =3D 15 +PAK_VER =3D 16 =20 DEPS =3D "" =20 @@ -46,7 +46,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 3fce404a436e3cd7fde80fb6ed61c264 +$(DL_FILE)_MD5 =3D c92829294edfa391c046407eeb16358a =20 install : $(TARGET) =20 @@ -79,7 +79,6 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/transmission-2.92-open= ssl-1.1.0.patch cd $(DIR_APP) && ./configure --prefix=3D/usr --disable-static cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE) cd $(DIR_APP) && make install diff --git a/lfs/unbound b/lfs/unbound index 8dfcfa3a0..07501d1d6 100644 --- a/lfs/unbound +++ b/lfs/unbound @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.8.1 +VER =3D 1.8.3 =20 THISAPP =3D unbound-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 00ce66e357fd2f969acf69008aa82a40 +$(DL_FILE)_MD5 =3D 4646203343d3b8f5aeb1b57753c27ead =20 install : $(TARGET) =20 @@ -79,6 +79,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) --disable-static \ --with-libevent \ --enable-event-api \ + --enable-tfo-client \ + --enable-tfo-server \ ac_cv_func_getentropy=3Dno =20 cd $(DIR_APP) && make $(MAKETUNING) diff --git a/lfs/wget b/lfs/wget index 39f59ba80..b8c83d10d 100644 --- a/lfs/wget +++ b/lfs/wget @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.19.5 +VER =3D 1.20.1 =20 THISAPP =3D wget-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D 2db6f03d655041f82eb64b8c8a1fa7da +$(DL_FILE)_MD5 =3D f6ebe9c7b375fc9832fb1b2028271fb7 =20 install : $(TARGET) =20 diff --git a/lfs/xtables-addons b/lfs/xtables-addons index af2784c1a..260820955 100644 --- a/lfs/xtables-addons +++ b/lfs/xtables-addons @@ -27,7 +27,7 @@ include Config VERSUFIX =3D ipfire$(KCFG) MODPATH =3D /lib/modules/$(KVER)-$(VERSUFIX)/extra/ =20 -VER =3D 2.13 +VER =3D 3.2 =20 THISAPP =3D xtables-addons-$(VER) DL_FILE =3D $(THISAPP).tar.xz @@ -48,7 +48,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_MD5 =3D be20b0b9c4b001b364431a836e361d33 +$(DL_FILE)_MD5 =3D 80ea89ba8d5a001a8d71c7f05b2f0141 =20 install : $(TARGET) =20 @@ -94,6 +94,10 @@ ifeq "$(USPACE)" "1" =20 cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install + + # Install xt_geoip_build. + cd $(DIR_APP) && install -m 755 geoip/xt_geoip_build \ + /usr/local/bin/ else cd $(DIR_APP) && ./configure \ --with-kbuild=3D/usr/src/linux-$(KVER)/ diff --git a/make.sh b/make.sh index 83dd9b121..1ee4ba36e 100755 --- a/make.sh +++ b/make.sh @@ -17,7 +17,7 @@ # along with IPFire; if not, write to the Free Software # # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # # -# Copyright (C) 2007-2018 IPFire Team . = # +# Copyright (C) 2007-2019 IPFire Team . = # # # ############################################################################ # @@ -25,8 +25,8 @@ NAME=3D"IPFire" # Software name SNAME=3D"ipfire" # Short name VERSION=3D"2.21" # Version number -CORE=3D"126" # Core Level (Filename) -PAKFIRE_CORE=3D"126" # Core Level (PAKFIRE) +CORE=3D"127" # Core Level (Filename) +PAKFIRE_CORE=3D"127" # Core Level (PAKFIRE) GIT_BRANCH=3D`git rev-parse --abbrev-ref HEAD` # Git Branch SLOGAN=3D"www.ipfire.org" # Software slogan CONFIG_ROOT=3D/var/ipfire # Configuration rootdir @@ -1434,6 +1434,7 @@ buildipfire() { lfsmake2 mpd lfsmake2 libmpdclient lfsmake2 mpc + lfsmake2 perl-Net-CIDR-Lite lfsmake2 perl-Net-SMTP-SSL lfsmake2 perl-MIME-Base64 lfsmake2 perl-Authen-SASL diff --git a/src/initscripts/packages/keepalived b/src/initscripts/packages/k= eepalived index 5634194e6..4dda336d5 100644 --- a/src/initscripts/packages/keepalived +++ b/src/initscripts/packages/keepalived @@ -13,6 +13,12 @@ =20 case "${1}" in start) + # Load IPVS module + modprobe ip_vs + + # Enable connection tracking for IPVS + sysctl -w net.ipv4.vs.conntrack=3D1 &>/dev/null + boot_mesg "Starting keepalive daemon..." loadproc /usr/sbin/keepalived ${KEEPALIVED_OPTIONS} ;; @@ -24,7 +30,7 @@ case "${1}" in =20 reload) boot_mesg "Reloading keepalive daemon..." - reloadproc /etc/sbin/keepalived + reloadproc /usr/sbin/keepalived ;; =20 restart) diff --git a/src/initscripts/system/aws b/src/initscripts/system/aws index 2a556801a..b22af7573 100644 --- a/src/initscripts/system/aws +++ b/src/initscripts/system/aws @@ -34,7 +34,8 @@ case "${1}" in running_on_ec2 || exit 0 =20 # Find the first interface to use - for i in /sys/class/net/*; do + for i in /sys/class/net/red* /sys/class/net/eth* \ + /sys/class/net/*; do [ -d "${i}" ] || continue i=3D$(basename ${i}) =20 diff --git a/src/initscripts/system/conntrackd b/src/initscripts/system/connt= rackd new file mode 100755 index 000000000..2e7a2678b --- /dev/null +++ b/src/initscripts/system/conntrackd @@ -0,0 +1,41 @@ +#!/bin/sh +######################################################################## +# Begin $rc_base/init.d/conntrackd +######################################################################## + +. /etc/sysconfig/rc +. ${rc_functions} + +case "${1}" in + start) + # Don't attempt to launch the daemon when we have no configuration + if [ ! -s "/etc/conntrackd/conntrackd.conf" ]; then + exit 0 + fi + + boot_mesg "Starting Connection Tracking Daemon..." + loadproc /usr/sbin/conntrackd -d + ;; + + stop) + boot_mesg "Stopping Connection Tracking Daemon..." + killproc /usr/sbin/conntrackd + ;; + + restart) + ${0} stop + sleep 1 + ${0} start + ;; + + status) + statusproc /usr/sbin/conntrackd + ;; + + *) + echo "Usage: ${0} {start|stop|restart|status}" + exit 1 + ;; +esac + +# End $rc_base/init.d/conntrackd diff --git a/src/initscripts/system/unbound b/src/initscripts/system/unbound index cc46c33c9..08007f50a 100644 --- a/src/initscripts/system/unbound +++ b/src/initscripts/system/unbound @@ -197,8 +197,8 @@ write_forward_conf() { =20 local insecure_zones=3D"${INSECURE_ZONES}" =20 - local enabled zone server remark - while IFS=3D"," read -r enabled zone server remark; do + local enabled zone server servers remark + while IFS=3D"," read -r enabled zone servers remark; do # Line must be enabled. [ "${enabled}" =3D "on" ] || continue =20 @@ -215,7 +215,13 @@ write_forward_conf() { *.in-addr.arpa) echo "stub-zone:" echo " name: ${zone}" - echo " stub-addr: ${server}" + for server in ${servers//|/ }; do + if [[ ${server} =3D~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo " stub-addr: ${server}" + else + echo " stub-host: ${server}" + fi + done echo echo "server:" echo " local-zone: \"${zone}\" transparent" @@ -224,7 +230,13 @@ write_forward_conf() { *) echo "forward-zone:" echo " name: ${zone}" - echo " forward-addr: ${server}" + for server in ${servers//|/ }; do + if [[ ${server} =3D~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then + echo " forward-addr: ${server}" + else + echo " forward-host: ${server}" + fi + done echo ;; esac diff --git a/src/installer/hw.c b/src/installer/hw.c index b329db545..71a1f1cce 100644 --- a/src/installer/hw.c +++ b/src/installer/hw.c @@ -547,8 +547,10 @@ static int hw_calculate_partition_table(struct hw* hw, s= truct hw_destination* de =20 snprintf(dest->part_boot_efi, sizeof(dest->part_boot_efi), "%s%d", path, part_idx++); - } else + } else { *dest->part_boot_efi =3D '\0'; + dest->part_boot_efi_idx =3D 0; + } =20 if (dest->size_swap > 0) snprintf(dest->part_swap, sizeof(dest->part_swap), "%s%d", path, part_idx+= +); diff --git a/src/paks/haproxy/install.sh b/src/paks/haproxy/install.sh index 45b2161b1..8282acb28 100644 --- a/src/paks/haproxy/install.sh +++ b/src/paks/haproxy/install.sh @@ -23,6 +23,7 @@ # . /opt/pakfire/lib/functions.sh extract_files +restore_backup ${NAME} =20 # Enable autostart ln -sf ../init.d/haproxy /etc/rc.d/rc0.d/K25haproxy diff --git a/src/paks/haproxy/uninstall.sh b/src/paks/haproxy/uninstall.sh index b01ee1147..9621b52a0 100644 --- a/src/paks/haproxy/uninstall.sh +++ b/src/paks/haproxy/uninstall.sh @@ -22,5 +22,6 @@ ############################################################################ # . /opt/pakfire/lib/functions.sh +make_backup ${NAME} remove_files rm -rfv /etc/rc.d/rc*.d/*haproxy diff --git a/src/patches/fireinfo-support-upstream-proxy-with-authentication.= patch b/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch new file mode 100644 index 000000000..1e5a98655 --- /dev/null +++ b/src/patches/fireinfo-support-upstream-proxy-with-authentication.patch @@ -0,0 +1,61 @@ +From 74c5e2adc61548900e256c3e58a0a63f5b3c2a4f Mon Sep 17 00:00:00 2001 +From: =3D?UTF-8?q?Peter=3D20M=3DC3=3DBCller?=3D +Date: Tue, 4 Dec 2018 18:13:15 +0100 +Subject: [PATCH] fireinfo: support upstream proxy with authentication +MIME-Version: 1.0 +Content-Type: text/plain; charset=3DUTF-8 +Content-Transfer-Encoding: 8bit + +Fireinfo could not send its profile to https://fireinfo.ipfire.org/ +if the machine is behind an upstream proxy which requires username +and password. This is fixed by tweaking urllib2's opening handler. + +To apply this on existing installations, the fireinfo package +needs to be shipped during an update. + +The third version of this patch fixes bogus indention, assembles +proxy authentication string more readable and preserves HTTP +proxy handler. + +Fixes #11905 + +Signed-off-by: Peter M=C3=BCller +Cc: Michael Tremer +Signed-off-by: Michael Tremer +--- + src/sendprofile | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + mode change 100644 =3D> 100755 src/sendprofile + +diff --git a/src/sendprofile b/src/sendprofile +old mode 100644 +new mode 100755 +index b836567..3ce68b9 +--- a/src/sendprofile ++++ b/src/sendprofile +@@ -73,10 +73,20 @@ def send_profile(profile): + request.add_header("User-Agent", "fireinfo/%s" % fireinfo.__version__) +=20 + # Set upstream proxy if we have one. +- # XXX this cannot handle authentication + proxy =3D get_upstream_proxy() ++ + if proxy["host"]: +- request.set_proxy(proxy["host"], "http") ++ # handling upstream proxies with authentication is more tricky... ++ if proxy["user"] and proxy["pass"]: ++ prx_auth_string =3D "http://%s:%s@%s/" % (proxy["user"], proxy["pass"], = proxy["host"]) ++ ++ proxy_handler =3D urllib2.ProxyHandler({'http': prx_auth_string, 'https'= : prx_auth_string}) ++ auth =3D urllib2.HTTPBasicAuthHandler() ++ opener =3D urllib2.build_opener(proxy_handler, auth, urllib2.HTTPHandler) ++ urllib2.install_opener(opener) ++ else: ++ request.set_proxy(proxy["host"], "http") ++ request.set_proxy(proxy["host"], "https") +=20 + try: + urllib2.urlopen(request, timeout=3D60) +--=20 +2.6.3 + diff --git a/src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-inodes.p= atch b/src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-inodes.patch new file mode 100644 index 000000000..6c6a750b4 --- /dev/null +++ b/src/patches/grub-2.02-xfs-accept-filesystem-with-sparse-inodes.patch @@ -0,0 +1,60 @@ +From cda0a857dd7a27cd5d621747464bfe71e8727fff Mon Sep 17 00:00:00 2001 +From: Daniel Kiper +Date: Tue, 29 May 2018 16:16:02 +0200 +Subject: xfs: Accept filesystem with sparse inodes + +The sparse inode metadata format became a mkfs.xfs default in +xfsprogs-4.16.0, and such filesystems are now rejected by grub as +containing an incompatible feature. + +In essence, this feature allows xfs to allocate inodes into fragmented +freespace. (Without this feature, if xfs could not allocate contiguous +space for 64 new inodes, inode creation would fail.) + +In practice, the disk format change is restricted to the inode btree, +which as far as I can tell is not used by grub. If all you're doing +today is parsing a directory, reading an inode number, and converting +that inode number to a disk location, then ignoring this feature +should be fine, so I've added it to XFS_SB_FEAT_INCOMPAT_SUPPORTED + +I did some brief testing of this patch by hacking up the regression +tests to completely fragment freespace on the test xfs filesystem, and +then write a large-ish number of inodes to consume any existing +contiguous 64-inode chunk. This way any files the grub tests add and +traverse would be in such a fragmented inode allocation. Tests passed, +but I'm not sure how to cleanly integrate that into the test harness. + +Signed-off-by: Eric Sandeen +Reviewed-by: Daniel Kiper +Tested-by: Chris Murphy +--- + grub-core/fs/xfs.c | 11 ++++++++++- + 1 file changed, 10 insertions(+), 1 deletion(-) + +diff --git a/grub-core/fs/xfs.c b/grub-core/fs/xfs.c +index c6031bd..3b00c74 100644 +--- a/grub-core/fs/xfs.c ++++ b/grub-core/fs/xfs.c +@@ -79,9 +79,18 @@ GRUB_MOD_LICENSE ("GPLv3+"); + #define XFS_SB_FEAT_INCOMPAT_SPINODES (1 << 1) /* sparse inode chu= nks */ + #define XFS_SB_FEAT_INCOMPAT_META_UUID (1 << 2) /* metadata UUID */ +=20 +-/* We do not currently verify metadata UUID so it is safe to read such file= system */ ++/* ++ * Directory entries with ftype are explicitly handled by GRUB code. ++ * ++ * We do not currently read the inode btrees, so it is safe to read filesys= tems ++ * with the XFS_SB_FEAT_INCOMPAT_SPINODES feature. ++ * ++ * We do not currently verify metadata UUID, so it is safe to read filesyst= ems ++ * with the XFS_SB_FEAT_INCOMPAT_META_UUID feature. ++ */ + #define XFS_SB_FEAT_INCOMPAT_SUPPORTED \ + (XFS_SB_FEAT_INCOMPAT_FTYPE | \ ++ XFS_SB_FEAT_INCOMPAT_SPINODES | \ + XFS_SB_FEAT_INCOMPAT_META_UUID) +=20 + struct grub_xfs_sblock +--=20 +cgit v1.0-41-gc330 + diff --git a/src/patches/python-2.7.13-getentropy.patch b/src/patches/python-= 2.7.13-getentropy.patch deleted file mode 100644 index 7e00061c1..000000000 --- a/src/patches/python-2.7.13-getentropy.patch +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/Python/random.c b/Python/random.c -index 2f83b5d..4cae217 100644 ---- a/Python/random.c -+++ b/Python/random.c -@@ -97,8 +97,15 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int= raise) - } -=20 - /* Issue #25003: Don't use getentropy() on Solaris (available since -- * Solaris 11.3), it is blocking whereas os.urandom() should not block. */ --#elif defined(HAVE_GETENTROPY) && !defined(sun) -+ Solaris 11.3), it is blocking whereas os.urandom() should not block. -+ -+ Issue #29188: Don't use getentropy() on Linux since the glibc 2.24 -+ implements it with the getrandom() syscall which can fail with ENOSYS, -+ and this error is not supported in py_getentropy() and getrandom() is ca= lled -+ with flags=3D0 which blocks until system urandom is initialized, which i= s not -+ the desired behaviour to seed the Python hash secret nor for os.urandom(= ): -+ see the PEP 524 which was only implemented in Python 3.6. */ -+#elif defined(HAVE_GETENTROPY) && !defined(sun) && !defined(linux) - #define PY_GETENTROPY 1 -=20 - /* Fill buffer with size pseudo-random bytes generated by getentropy(). diff --git a/src/patches/squid/01_Certificate_fields_injection_via_D_in_ERR_S= ECURE_CONNECT_FAIL_306.patch b/src/patches/squid/01_Certificate_fields_inject= ion_via_D_in_ERR_SECURE_CONNECT_FAIL_306.patch deleted file mode 100644 index fadb1d48c..000000000 --- a/src/patches/squid/01_Certificate_fields_injection_via_D_in_ERR_SECURE_C= ONNECT_FAIL_306.patch +++ /dev/null @@ -1,72 +0,0 @@ -commit f1657a9decc820f748fa3aff68168d3145258031 -Author: Christos Tsantilas -Date: 2018-10-17 15:14:07 +0000 - - Certificate fields injection via %D in ERR_SECURE_CONNECT_FAIL (#306) - =20 - %ssl_subject, %ssl_ca_name, and %ssl_cn values were not properly escaped= when %D code was expanded in HTML context of the ERR_SECURE_CONNECT_FAIL tem= plate. This bug affects all - ERR_SECURE_CONNECT_FAIL page templates containing %D, including the defa= ult template. - =20 - Other error pages are not vulnerable because Squid does not populate %D = with certificate details in other contexts (yet). - =20 - Thanks to Nikolas Lohmann [eBlocker] for identifying the problem. - =20 - TODO: If those certificate details become needed for ACL checks or other= non-HTML purposes, make their HTML-escaping conditional. - =20 - This is a Measurement Factory project. - -diff --git a/src/ssl/ErrorDetail.cc b/src/ssl/ErrorDetail.cc -index b5030e3..314e998 100644 ---- a/src/ssl/ErrorDetail.cc -+++ b/src/ssl/ErrorDetail.cc -@@ -8,6 +8,8 @@ -=20 - #include "squid.h" - #include "errorpage.h" -+#include "fatal.h" -+#include "html_quote.h" - #include "ssl/ErrorDetail.h" -=20 - #include -@@ -432,8 +434,11 @@ const char *Ssl::ErrorDetail::subject() const - { - if (broken_cert.get()) { - static char tmpBuffer[256]; // A temporary buffer -- if (X509_NAME_oneline(X509_get_subject_name(broken_cert.get()), tmp= Buffer, sizeof(tmpBuffer))) -- return tmpBuffer; -+ if (X509_NAME_oneline(X509_get_subject_name(broken_cert.get()), tmp= Buffer, sizeof(tmpBuffer))) { -+ // quote to avoid possible html code injection through -+ // certificate subject -+ return html_quote(tmpBuffer); -+ } - } - return "[Not available]"; - } -@@ -461,8 +466,11 @@ const char *Ssl::ErrorDetail::cn() const - static String tmpStr; ///< A temporary string buffer - tmpStr.clean(); - Ssl::matchX509CommonNames(broken_cert.get(), &tmpStr, copy_cn); -- if (tmpStr.size()) -- return tmpStr.termedBuf(); -+ if (tmpStr.size()) { -+ // quote to avoid possible html code injection through -+ // certificate subject -+ return html_quote(tmpStr.termedBuf()); -+ } - } - return "[Not available]"; - } -@@ -474,8 +482,11 @@ const char *Ssl::ErrorDetail::ca_name() const - { - if (broken_cert.get()) { - static char tmpBuffer[256]; // A temporary buffer -- if (X509_NAME_oneline(X509_get_issuer_name(broken_cert.get()), tmpB= uffer, sizeof(tmpBuffer))) -- return tmpBuffer; -+ if (X509_NAME_oneline(X509_get_issuer_name(broken_cert.get()), tmpB= uffer, sizeof(tmpBuffer))) { -+ // quote to avoid possible html code injection through -+ // certificate issuer subject -+ return html_quote(tmpBuffer); -+ } - } - return "[Not available]"; - } diff --git a/src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_packet_31= 3.patch b/src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_packet_313.p= atch deleted file mode 100644 index 2ae034c20..000000000 --- a/src/patches/squid/02_Fix_memory_leak_when_parsing_SNMP_packet_313.patch +++ /dev/null @@ -1,22 +0,0 @@ -commit bc9786119f058a76ddf0625424bc33d36460b9a2 (refs/remotes/origin/v3.5) -Author: flozilla -Date: 2018-10-24 14:12:01 +0200 - - Fix memory leak when parsing SNMP packet (#313) - =20 - SNMP queries denied by snmp_access rules and queries with certain - unsupported SNMPv2 commands were leaking a few hundred bytes each. Such - queries trigger "SNMP agent query DENIED from..." WARNINGs in cache.log. - -diff --git a/src/snmp_core.cc b/src/snmp_core.cc -index c4d21c1..16c2993 100644 ---- a/src/snmp_core.cc -+++ b/src/snmp_core.cc -@@ -409,6 +409,7 @@ snmpDecodePacket(SnmpRequest * rq) - snmpConstructReponse(rq); - } else { - debugs(49, DBG_IMPORTANT, "WARNING: SNMP agent query DENIED fro= m : " << rq->from); -+ snmp_free_pdu(PDU); - } - xfree(Community); -=20 diff --git a/src/patches/squid/squid-3.5.28-fix-max-file-descriptors.patch b/= src/patches/squid/squid-4.5-fix-max-file-descriptors.patch similarity index 92% rename from src/patches/squid/squid-3.5.28-fix-max-file-descriptors.patch rename to src/patches/squid/squid-4.5-fix-max-file-descriptors.patch index b740b6104..57fd0a6a6 100644 --- a/src/patches/squid/squid-3.5.28-fix-max-file-descriptors.patch +++ b/src/patches/squid/squid-4.5-fix-max-file-descriptors.patch @@ -1,6 +1,6 @@ --- configure.ac.~ Wed Apr 20 14:26:07 2016 +++ configure.ac Fri Apr 22 17:20:46 2016 -@@ -3135,6 +3135,9 @@ +@@ -3160,6 +3160,9 @@ ;; esac =20 @@ -10,7 +10,7 @@ dnl --with-maxfd present for compatibility with Squid-2. dnl undocumented in ./configure --help to encourage using the Squid-3 dire= ctive AC_ARG_WITH(maxfd,, -@@ -3165,8 +3168,6 @@ +@@ -3190,8 +3193,6 @@ esac ]) =20 diff --git a/src/patches/tar/01_extract.c.patch b/src/patches/tar/01_extract.= c.patch new file mode 100644 index 000000000..21c3cd86f --- /dev/null +++ b/src/patches/tar/01_extract.c.patch @@ -0,0 +1,12 @@ +--- tar-1.31/src/extract.c 2019-01-02 18:07:48.000000000 +0000 ++++ tar-1.31.patched/src/extract.c 2019-01-09 16:17:20.368612005 +0000 +@@ -782,7 +782,8 @@ + case OVERWRITE_OLD_FILES: + if (0 < remove_any_file (file_name, ORDINARY_REMOVE_OPTION)) + return RECOVER_OK; +- break; ++ errno =3D e; ++ return RECOVER_NO; +=20 + case UNLINK_FIRST_OLD_FILES: + break; diff --git a/src/patches/transmission-2.92-openssl-1.1.0.patch b/src/patches/= transmission-2.92-openssl-1.1.0.patch deleted file mode 100644 index 29484b833..000000000 --- a/src/patches/transmission-2.92-openssl-1.1.0.patch +++ /dev/null @@ -1,261 +0,0 @@ -From f91cf5ad8c677b61ceb0bf5877b87f9e93256dd7 Mon Sep 17 00:00:00 2001 -From: Sebastian Andrzej Siewior -Date: Mon, 5 Sep 2016 21:49:07 +0000 -Subject: [PATCH] transmission: build against openssl 1.1.0 - -Signed-off-by: Sebastian Andrzej Siewior ---- - libtransmission/crypto-utils-openssl.c | 73 +++++++++++++++++++++++++++++++= +-- - 1 file changed, 69 insertions(+), 4 deletions(-) - -diff --git a/libtransmission/crypto-utils-openssl.c b/libtransmission/crypto= -utils-openssl.c -index c4539dc..972e24a 100644 ---- a/libtransmission/crypto-utils-openssl.c -+++ b/libtransmission/crypto-utils-openssl.c -@@ -229,6 +229,61 @@ tr_rc4_process (tr_rc4_ctx_t handle, - **** - ***/ -=20 -+#if OPENSSL_VERSION_NUMBER < 0x10100000 -+static inline int -+DH_set0_pqg (DH * dh, -+ BIGNUM * p, -+ BIGNUM * q, -+ BIGNUM * g) -+{ -+ /* If the fields p and g in d are NULL, the corresponding input -+ * parameters MUST be non-NULL. q may remain NULL. -+ */ -+ if ((dh->p =3D=3D NULL && p =3D=3D NULL) -+ || (dh->g =3D=3D NULL && g =3D=3D NULL)) -+ return 0; -+ -+ if (p !=3D NULL) { -+ BN_free (dh->p); -+ dh->p =3D p; -+ } -+ if (q !=3D NULL) { -+ BN_free (dh->q); -+ dh->q =3D q; -+ } -+ if (g !=3D NULL) { -+ BN_free (dh->g); -+ dh->g =3D g; -+ } -+ -+ if (q !=3D NULL) { -+ dh->length =3D BN_num_bits (q); -+ } -+ -+ return 1; -+} -+ -+static inline int -+DH_set_length (DH * dh, -+ long length) -+{ -+ dh->length =3D length; -+ return 1; -+} -+ -+static inline void -+DH_get0_key(const DH * dh, -+ const BIGNUM ** pub_key, -+ const BIGNUM ** priv_key) -+{ -+ if (pub_key !=3D NULL) -+ *pub_key =3D dh->pub_key; -+ if (priv_key !=3D NULL) -+ *priv_key =3D dh->priv_key; -+} -+ -+#endif -+ - tr_dh_ctx_t - tr_dh_new (const uint8_t * prime_num, - size_t prime_num_length, -@@ -236,13 +291,19 @@ tr_dh_new (const uint8_t * prime_num, - size_t generator_num_length) - { - DH * handle =3D DH_new (); -+ BIGNUM * p, * g; -=20 - assert (prime_num !=3D NULL); - assert (generator_num !=3D NULL); -+ p =3D BN_bin2bn (prime_num, prime_num_length, NULL); -+ g =3D BN_bin2bn (generator_num, generator_num_length, NULL); -=20 -- if (!check_pointer (handle->p =3D BN_bin2bn (prime_num, prime_num_length,= NULL)) || -- !check_pointer (handle->g =3D BN_bin2bn (generator_num, generator_num= _length, NULL))) -+ if (!check_pointer (p) || -+ !check_pointer (g) || -+ !DH_set0_pqg (handle, p, NULL, g)) - { -+ BN_free (p); -+ BN_free (g); - DH_free (handle); - handle =3D NULL; - } -@@ -267,16 +328,20 @@ tr_dh_make_key (tr_dh_ctx_t raw_handle, - { - DH * handle =3D raw_handle; - int dh_size, my_public_key_length; -+ const BIGNUM * hand_pub_key; -=20 - assert (handle !=3D NULL); - assert (public_key !=3D NULL); -=20 -- handle->length =3D private_key_length * 8; -+ -+ DH_set_length(handle, private_key_length * 8); -=20 - if (!check_result (DH_generate_key (handle))) - return false; -=20 -- my_public_key_length =3D BN_bn2bin (handle->pub_key, public_key); -+ DH_get0_key (handle, &hand_pub_key, NULL); -+ -+ my_public_key_length =3D BN_bn2bin (hand_pub_key, public_key); - dh_size =3D DH_size (handle); -=20 - tr_dh_align_key (public_key, my_public_key_length, dh_size); -From 8c8386a7f3f482a9c917f51d28e0042e55f56b3e Mon Sep 17 00:00:00 2001 -From: Mike Gelfand -Date: Wed, 7 Sep 2016 01:09:04 +0300 -Subject: [PATCH] Fix coding style and building with !TR_LIGHTWEIGHT - ---- - libtransmission/crypto-utils-openssl.c | 60 +++++++++++++++++++------------= --- - 1 file changed, 33 insertions(+), 27 deletions(-) - -diff --git a/libtransmission/crypto-utils-openssl.c b/libtransmission/crypto= -utils-openssl.c -index 972e24a..9fd2c58 100644 ---- a/libtransmission/crypto-utils-openssl.c -+++ b/libtransmission/crypto-utils-openssl.c -@@ -14,6 +14,7 @@ - #include -=20 - #include -+#include - #include - #include - #include -@@ -48,7 +49,12 @@ log_openssl_error (const char * file, - static bool strings_loaded =3D false; - if (!strings_loaded) - { -+#if OPENSSL_VERSION_NUMBER < 0x10100000 - ERR_load_crypto_strings (); -+#else -+ OPENSSL_init_crypto (OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL); -+#endif -+ - strings_loaded =3D true; - } - #endif -@@ -230,6 +236,7 @@ tr_rc4_process (tr_rc4_ctx_t handle, - ***/ -=20 - #if OPENSSL_VERSION_NUMBER < 0x10100000 -+ - static inline int - DH_set0_pqg (DH * dh, - BIGNUM * p, -@@ -237,28 +244,29 @@ DH_set0_pqg (DH * dh, - BIGNUM * g) - { - /* If the fields p and g in d are NULL, the corresponding input -- * parameters MUST be non-NULL. q may remain NULL. -+ * parameters MUST be non-NULL. q may remain NULL. - */ -- if ((dh->p =3D=3D NULL && p =3D=3D NULL) -- || (dh->g =3D=3D NULL && g =3D=3D NULL)) -+ if ((dh->p =3D=3D NULL && p =3D=3D NULL) || (dh->g =3D=3D NULL && g =3D= =3D NULL)) - return 0; -=20 -- if (p !=3D NULL) { -- BN_free (dh->p); -- dh->p =3D p; -- } -- if (q !=3D NULL) { -- BN_free (dh->q); -- dh->q =3D q; -- } -- if (g !=3D NULL) { -- BN_free (dh->g); -- dh->g =3D g; -- } -- -- if (q !=3D NULL) { -+ if (p !=3D NULL) -+ { -+ BN_free (dh->p); -+ dh->p =3D p; -+ } -+ if (q !=3D NULL) -+ { -+ BN_free (dh->q); -+ dh->q =3D q; -+ } -+ if (g !=3D NULL) -+ { -+ BN_free (dh->g); -+ dh->g =3D g; -+ } -+ -+ if (q !=3D NULL) - dh->length =3D BN_num_bits (q); -- } -=20 - return 1; - } -@@ -267,8 +275,8 @@ static inline int - DH_set_length (DH * dh, - long length) - { -- dh->length =3D length; -- return 1; -+ dh->length =3D length; -+ return 1; - } -=20 - static inline void -@@ -295,12 +303,11 @@ tr_dh_new (const uint8_t * prime_num, -=20 - assert (prime_num !=3D NULL); - assert (generator_num !=3D NULL); -+ - p =3D BN_bin2bn (prime_num, prime_num_length, NULL); - g =3D BN_bin2bn (generator_num, generator_num_length, NULL); -=20 -- if (!check_pointer (p) || -- !check_pointer (g) || -- !DH_set0_pqg (handle, p, NULL, g)) -+ if (!check_pointer (p) || !check_pointer (g) || !DH_set0_pqg (handle, p, = NULL, g)) - { - BN_free (p); - BN_free (g); -@@ -328,20 +335,19 @@ tr_dh_make_key (tr_dh_ctx_t raw_handle, - { - DH * handle =3D raw_handle; - int dh_size, my_public_key_length; -- const BIGNUM * hand_pub_key; -+ const BIGNUM * my_public_key; -=20 - assert (handle !=3D NULL); - assert (public_key !=3D NULL); -=20 -- - DH_set_length(handle, private_key_length * 8); -=20 - if (!check_result (DH_generate_key (handle))) - return false; -=20 -- DH_get0_key (handle, &hand_pub_key, NULL); -+ DH_get0_key (handle, &my_public_key, NULL); -=20 -- my_public_key_length =3D BN_bn2bin (hand_pub_key, public_key); -+ my_public_key_length =3D BN_bn2bin (my_public_key, public_key); - dh_size =3D DH_size (handle); -=20 - tr_dh_align_key (public_key, my_public_key_length, dh_size); diff --git a/src/scripts/xt_geoip_build b/src/scripts/xt_geoip_build deleted file mode 100644 index 202156f13..000000000 --- a/src/scripts/xt_geoip_build +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/perl -# -# Converter for MaxMind CSV database to binary, for xt_geoip -# Copyright =C2=A9 Jan Engelhardt, 2008-2011 -# -use Getopt::Long; -use IO::Handle; -use Text::CSV_XS; # or trade for Text::CSV -use strict; - -my $csv =3D Text::CSV_XS->new({ - allow_whitespace =3D> 1, - binary =3D> 1, - eol =3D> $/, -}); # or Text::CSV -my $target_dir =3D "."; - -&Getopt::Long::Configure(qw(bundling)); -&GetOptions( - "D=3Ds" =3D> \$target_dir, -); - -if (!-d $target_dir) { - print STDERR "Target directory $target_dir does not exist.\n"; - exit 1; -} - -my $dir =3D "$target_dir/LE"; -if (!-e $dir && !mkdir($dir)) { - print STDERR "Could not mkdir $dir: $!\n"; - exit 1; -} - -&dump(&collect()); - -sub collect -{ - my %country; - - while (my $row =3D $csv->getline(*ARGV)) { - if (!defined($country{$row->[4]})) { - $country{$row->[4]} =3D { - name =3D> $row->[5], - pool_v4 =3D> [], - pool_v6 =3D> [], - }; - } - my $c =3D $country{$row->[4]}; - - push(@{$c->{pool_v4}}, [$row->[2], $row->[3]]); - - if ($. % 4096 =3D=3D 0) { - print STDERR "\r\e[2K$. entries"; - } - } - - print STDERR "\r\e[2K$. entries total\n"; - return \%country; -} - -sub dump -{ - my $country =3D shift @_; - - foreach my $iso_code (sort keys %$country) { - &dump_one($iso_code, $country->{$iso_code}); - } -} - -sub dump_one -{ - my($iso_code, $country) =3D @_; - my($file, $fh_le, $fh_be); - - printf "%5u IPv4 ranges for %s %s\n", - scalar(@{$country->{pool_v4}}), - $iso_code, $country->{name}; - - $file =3D "$target_dir/LE/".uc($iso_code).".iv4"; - if (!open($fh_le, "> $file")) { - print STDERR "Error opening $file: $!\n"; - exit 1; - } - foreach my $range (@{$country->{pool_v4}}) { - print $fh_le pack("VV", $range->[0], $range->[1]); - #print $fh_be pack("NN", $range->[0], $range->[1]); - } - close $fh_le; -} diff --git a/src/scripts/xt_geoip_update b/src/scripts/xt_geoip_update index 0aea4d03e..73484c7a0 100644 --- a/src/scripts/xt_geoip_update +++ b/src/scripts/xt_geoip_update @@ -24,13 +24,10 @@ TMP_FILE=3D$(mktemp -p $TMP_PATH) =20 SCRIPT_PATH=3D/usr/local/bin DEST_PATH=3D/usr/share/xt_geoip +DB_PATH=3D/var/lib/GeoIP =20 -DL_URL=3Dhttps://geolite.maxmind.com/download/geoip/database -DL_FILE=3DGeoIPCountryCSV.zip - -CSV_FILE=3DGeoIPCountryWhois.csv - -ARCH=3DLE +DL_URL=3Dhttp://geolite.maxmind.com/download/geoip/database/ +DL_FILE=3DGeoLite2-Country-CSV.zip =20 eval $(/usr/local/bin/readhash /var/ipfire/proxy/settings) =20 @@ -57,42 +54,41 @@ function download() { # Get the latest GeoIP database from server. wget $DL_URL/$DL_FILE $PROXYSETTINGS -O $TMP_FILE =20 - # Extract files. + # Extract files to database path. unzip $TMP_FILE -d $TMP_PATH =20 return 0 } =20 -function build() { - echo "Convert database..." +function install() { + echo "Install CSV database..." =20 - # Check if the csv file exists. - if [ ! -e $TMP_PATH/$CSV_FILE ]; then - echo "$TMP_PATH/$CSV_FILE not found. Exiting." - return 1 + # Check if the database dir exists. + if [ ! -e "$DB_PATH" ]; then + mkdir -p $DB_PATH &>/dev/null fi =20 - # Run script to convert the CSV file into several xtables - # compatible binary files. - if ! $SCRIPT_PATH/xt_geoip_build $TMP_PATH/$CSV_FILE -D $TMP_PATH; then - echo "Could not convert ruleset. Aborting." >&2 + # Check if the directory for binary databases exists. + if [ ! -e "$DEST_PATH" ]; then + mkdir -p $DEST_PATH &>/dev/null + fi + + # Install CSV databases. + if ! cp -af $TMP_PATH/*/* $DB_PATH &>/dev/null; then + echo "Could not copy files. Aborting." >&2 return 1 fi =20 return 0 } =20 -function install() { - echo "Install databases..." - - # Check if our destination exist. - if [ ! -e "$DEST_PATH" ]; then - mkdir -p $DEST_PATH &>/dev/null - fi +function build() { + echo "Convert database..." =20 - # Install databases. - if ! cp -af $TMP_PATH/$ARCH $DEST_PATH &>/dev/null; then - echo "Could not copy files. Aborting." >&2 + # Run script to convert the CSV file into several xtables + # compatible binary files. + if ! $SCRIPT_PATH/xt_geoip_build -S $DB_PATH -D $DEST_PATH; then + echo "Could not convert ruleset. Aborting." >&2 return 1 fi =20 @@ -113,23 +109,18 @@ function main() { # Download ruleset. download || exit $? =20 - # Convert the ruleset. - if ! build; then - # Do cleanup. - cleanup || exit $? - exit 1 - fi - - # Install the converted ruleset. if ! install; then # Do cleanup. cleanup || exit $? exit 1 fi =20 - # Finaly remove temporary files. + # Remove temporary files. cleanup || exit $? =20 + # Convert the ruleset. + build || exit $? + return 0 } =20 hooks/post-receive -- IPFire 2.x development tree --===============6777210486128463738==--