This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree". The branch, core129 has been created at 9deeda77b6fc4d62dce279b9854094ae8fcf4a4a (commit) - Log ----------------------------------------------------------------- commit 9deeda77b6fc4d62dce279b9854094ae8fcf4a4a Author: Arne Fitzenreiter Date: Wed Mar 13 15:18:52 2019 +0100 core129: finish update Signed-off-by: Arne Fitzenreiter commit 668119063c630ff3fd7e8b6f1b608374c6c43f60 Author: Arne Fitzenreiter Date: Wed Mar 13 15:17:28 2019 +0100 u-boot: try to boot without ramdisk if the system cannot load it Signed-off-by: Arne Fitzenreiter commit eaf004a4683518d80a1ad1ab0d0666aed34408cc Author: Arne Fitzenreiter Date: Wed Mar 13 15:06:23 2019 +0100 knot: update to 2.8.0 and build/install only kdig This fix compile errors on small arm boards. (cc1 internal error) Signed-off-by: Arne Fitzenreiter commit b57220aacdc2868f2ffab38348cf6f04af5c02a0 Author: Arne Fitzenreiter Date: Wed Mar 13 15:04:40 2019 +0100 groff: update to 1.22.4 This fix compile problems on small arm boards. (cc1 internal error) Signed-off-by: Arne Fitzenreiter commit c448474fc7032d9c522ba468b532d7920e0da6f4 Author: Arne Fitzenreiter Date: Wed Mar 13 09:38:21 2019 +0100 Revert "kernel: cleanup unused rpi patch" This reverts commit a2d49659f3947e5a5a77cbc1bf384eb0b2760ca9. The patch is still needed to prevent strange crashes Signed-off-by: Arne Fitzenreiter commit beac5489627eafefcc6dd3adabfd1c74ffacc4d0 Author: Michael Tremer Date: Mon Mar 11 15:58:45 2019 +0000 Update list of contributors Signed-off-by: Michael Tremer commit e26e86dcaa2b35d7e6500c088d4f2afba4c4ddd8 Author: Michael Tremer Date: Mon Mar 11 15:58:04 2019 +0000 core129: Ship updated dnsforward.cgi Signed-off-by: Michael Tremer commit 56947acb12176f397cbd5078c5544cdc4f19b27b Merge: f1042a5d4 1ececb67a Author: Michael Tremer Date: Mon Mar 11 15:57:15 2019 +0000 Merge remote-tracking branch 'ms/dns-forwarding' into next commit f1042a5d4401ff6feb16eb18f1fcd48936e8c878 Author: Michael Tremer Date: Mon Mar 11 09:54:19 2019 +0000 core129: Ship updated dhcp.cgi Signed-off-by: Michael Tremer commit 8288c0394bb96f5aa3878ea86c05c2d92d677347 Merge: 04f932195 31672dc8b Author: Michael Tremer Date: Mon Mar 11 09:53:56 2019 +0000 Merge remote-tracking branch 'ms/dhcp' into next commit 04f9321955606822aad7719fed4e80e26a1f82f9 Author: Peter Müller Date: Fri Mar 8 19:17:00 2019 +0000 Tor WebUI: drop relay bandwith options < 1 MBit/s Tor requires at least 1 MBit/s in order to participate. Fixes #12001 Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 199db95a705e059972d34b578b55606a65851904 Author: Michael Tremer Date: Mon Mar 11 09:38:56 2019 +0000 dnsdist: Limit to fewer concurrent build processes Signed-off-by: Michael Tremer commit 61424e9c67334f2940ec8be66612b0a6b4df7adb Author: Michael Tremer Date: Sun Mar 10 18:23:22 2019 +0000 core129: Ship updated less Signed-off-by: Michael Tremer commit 9f7524c8b0832353838255d4b64cf36555e92d56 Author: Peter Müller Date: Fri Mar 8 19:19:00 2019 +0000 less: update to 530 Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit e29c6d29c9b800ca9c8b818f16e571672cd90a9f Author: Peter Müller Date: Fri Mar 8 19:22:00 2019 +0000 Postfix: update to 3.4.1 Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 15b1a3e360a277dc7481103f8ddcbf189033e3a6 Author: Matthias Fischer Date: Sun Mar 10 18:04:31 2019 +0100 slang: revert parallelized build This partially reverts https://git.ipfire.org/?p=ipfire-2.x.git;a=blob;f=lfs/slang;h=217e74c77317d4c829913f934458779fd278bf29;hb=23164efba5f57b3d8ccb07a166b613f2f951e1b6 'slang 2.3.0' doesn't like "$(MAKETUNING)" Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 50fcec161cb56ceb850d6cbda16d34f43d2d653b Author: Michael Tremer Date: Fri Mar 8 10:11:23 2019 +0000 /etc/group: Order groups by ID Signed-off-by: Michael Tremer commit 3d0a1908438dbb7bd6f19c436bdb91f0b6b8fb81 Author: Michael Tremer Date: Fri Mar 8 10:08:02 2019 +0000 /etc/passwd: Order users by ID Signed-off-by: Michael Tremer commit 7996c5fee9627f4fff0fd910d147341846788408 Author: Michael Tremer Date: Fri Mar 8 10:04:28 2019 +0000 zabbix_agent: Create /var/run/zabbix in initscript Signed-off-by: Michael Tremer commit 661fdb02c28c64748b98a305dc63281a9225bbd8 Author: Michael Tremer Date: Fri Mar 8 09:58:56 2019 +0000 zabbix_agent: Ensure that the user exists on all systems Signed-off-by: Michael Tremer commit 06fc6170a2b8827125977c2f4e9c6f94e7d93c0a Author: Alexander Koch Date: Thu Feb 14 00:06:19 2019 +0100 zabbix_agentd: New addon New addon for monitoring IPFire by Zabbix Monitoring (https://www.zabbix.com/features). See https://forum.ipfire.org/viewtopic.php?f=52&t=22039 and https://lists.ipfire.org/pipermail/development/2019-February/005324.html for further details. Best regards, Alex Signed-off-by: Alexander Koch Signed-off-by: Michael Tremer commit 57d1564b3efdffb713d915b0dc66a2a24074c5f9 Author: Erik Kapfer Date: Fri Mar 8 05:51:55 2019 +0100 iptables: Commented legacy ip(6)tables entries from ROOTFILE Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit c0ac5ae2a77d85ab4575bbbca022f18898bead5f Author: Michael Tremer Date: Thu Mar 7 11:27:19 2019 +0000 installer: Download ISO via HTTPS Signed-off-by: Michael Tremer commit ea8a02c232835200d5ea37d4c72e75b864beb8b0 Author: Michael Tremer Date: Thu Mar 7 10:29:31 2019 +0000 Revert "boost: Build with -O2 only" This reverts commit 9ff5b381eb8a4e129978c34f969e312c302ea7b1. Boost wants to build with -O3 no matter what Signed-off-by: Michael Tremer commit 1ececb67a1f83dd931e31d66893893ce542d0814 Author: Michael Tremer Date: Tue Mar 5 16:58:29 2019 +0000 unbound: Mark domains as insecure from DNS forwarding Signed-off-by: Michael Tremer commit 025d8e63185e49d252ee6abb37008c8e5c26bf6b Author: Michael Tremer Date: Tue Mar 5 16:10:17 2019 +0000 DNS Forwarding: Add UI to Allow to disable DNSSEC for a zone Signed-off-by: Michael Tremer commit 71a355c3a246a5de886ffee0376d83be942f48df Merge: 26796f3a4 b15b70bc6 Author: Michael Tremer Date: Tue Mar 5 15:25:36 2019 +0000 Merge branch 'ipsec-on-demand' into next commit b15b70bc6b6b5f6d8b62e5b730b68d86f59810e6 Author: Michael Tremer Date: Tue Mar 5 15:24:19 2019 +0000 vpnmain.cgi: Make on-demand mode default for IPsec VPNs Signed-off-by: Michael Tremer commit eb09c90ef47606f616201fddc5e783149aee9228 Author: Michael Tremer Date: Tue Mar 5 15:23:33 2019 +0000 vpnmain.cgi: Carry over START_ACTION attribute correctly This setting was not carried correctly and therefore the default was ignored. Signed-off-by: Michael Tremer commit 297473d5f4d7ba6734762ec71a8d86c07332a99c Author: Michael Tremer Date: Mon Mar 4 17:21:15 2019 +0000 make.sh: Fit more processes into memory Because we have a good way to limit processes now, we should increase the default size a little bit Signed-off-by: Michael Tremer commit 9ff5b381eb8a4e129978c34f969e312c302ea7b1 Author: Michael Tremer Date: Mon Mar 4 17:20:52 2019 +0000 boost: Build with -O2 only This should increase build speed Signed-off-by: Michael Tremer commit d53537ced9f0c52dbd8446e5e582275ba0053847 Author: Michael Tremer Date: Mon Mar 4 11:57:22 2019 +0000 Config: Builds don't seem to like the space Signed-off-by: Michael Tremer commit a843073c8e93e15fd8e18064abde5e3d3af67368 Author: Michael Tremer Date: Mon Mar 4 11:52:34 2019 +0000 perl: Limit build to 23 parallel processes Signed-off-by: Michael Tremer commit 7691a1bfe73067cb2f3ad3470d0000faf029a24f Author: Michael Tremer Date: Mon Mar 4 11:51:08 2019 +0000 make.sh: Introduce MAX_PARALLELISM This will now adjust MAKETUNING to not launch more processes than MAX_PARALLELISM. Handy to limit builds that use a lot of memory. Signed-off-by: Michael Tremer commit eeee108f183e8d39e27154ee19c1ee0a8b27be11 Author: Michael Tremer Date: Mon Mar 4 11:45:30 2019 +0000 make.sh: Drop MAKETUNING This is now set in lfs/Config Signed-off-by: Michael Tremer commit 77c863a2f113404a7f30b8591b9972291328980b Author: Michael Tremer Date: Mon Mar 4 11:43:47 2019 +0000 make.sh: Introduce DEFAULT_PARALLELISM Signed-off-by: Michael Tremer commit e4ee36fa170d08bccbbd32fe0d56e53f072a2f97 Author: Michael Tremer Date: Mon Mar 4 11:38:38 2019 +0000 make.sh: Use variable instead of calling system_processors function again Signed-off-by: Michael Tremer commit deffc27598806b43ae03a4fb666f2f0254a94066 Author: Michael Tremer Date: Mon Mar 4 11:35:15 2019 +0000 make.sh: Rename HOST_MEM to SYSTEM_MEMORY We had two variables holding the same data Signed-off-by: Michael Tremer commit 85560933590e6ef401216b3b4fba9df917b25a22 Author: Michael Tremer Date: Mon Mar 4 11:33:50 2019 +0000 make.sh: Pass number of processors and total memory so that we can adjust MAKETUNING Signed-off-by: Michael Tremer commit 23164efba5f57b3d8ccb07a166b613f2f951e1b6 Author: Wolfgang Apolinarski Date: Wed Feb 20 20:18:06 2019 +0100 Parallelized build for several packages Added $(MAKETUNING) to several packages. Marked packages that do not support parallel build. Signed-off-by: Michael Tremer commit ea9cb48ae775a7040edaf58224535b71dcde25ea Author: Michael Tremer Date: Mon Mar 4 09:25:13 2019 +0000 core129: Ship wpa_supplicant Signed-off-by: Michael Tremer commit b2ee5e8aa4056c7ce07fa753b677768b954e8c0b Author: Matthias Fischer Date: Tue Mar 5 19:12:52 2019 +0100 wpa_supplicant: Update to 2.7 For details see: https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit d6d5999af1cf53a4a7609935f41e2ca03bf92d6c Author: Matthias Fischer Date: Tue Mar 5 19:12:51 2019 +0100 hostapd: Update to 2.7 For details see: https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog This patch sticks to 'wpa_supplicant: Update to 2.7'. Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 146c837e78449c63e858378dfc84cba9d6a490ce Author: Michael Tremer Date: Sun Mar 3 13:33:52 2019 +0000 netsnmp: Fix rootfile to build on other architectures Signed-off-by: Michael Tremer commit 5a3c9ef298b9004876691f95a63905c11cfdab84 Author: Erik Kapfer Date: Wed Feb 27 06:03:48 2019 +0100 netsnmpd: OpenSSL patch is incl. in new version Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 758a1893a190249e3bd6a0cca7d9ab21be20a4a8 Author: Erik Kapfer Date: Wed Feb 27 06:03:47 2019 +0100 netsnmpd: Update to version 5.8 Overview of the changes can be found in here https://sourceforge.net/p/net-snmp/mailman/message/36386084/ . Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 3f2341da8d3b517466f42338956342fde6e45eec Author: Erik Kapfer Date: Sun Mar 3 09:09:18 2019 +0100 iptables: Update to 1.8.2 netfilter-layer7 has also been updated to v2.23 . Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 26796f3a4b9f6900e46812fc91090894b1d75658 Author: Michael Tremer Date: Sat Mar 2 14:55:04 2019 +0000 Unpack intel microcode before initramfs images are being built Previously, the microcode updates were not packaged in the shipped initramfs images which causes that Intel processors are still running on outdated microcode. This patch moves intel-microcode before we build the initramfs images. Signed-off-by: Michael Tremer commit a079f7aaeefbb66283a10466e80be5695828217a Author: Michael Tremer Date: Sat Mar 2 14:14:14 2019 +0000 core129: Ship updated proxy.cgi Signed-off-by: Michael Tremer commit d50a78220d220d755d5d86fe0dcfc249f8dd2afb Author: Matthias Fischer Date: Sun Mar 3 09:37:01 2019 +0100 Bug 12008 - Typo in 'proxy.cgi' leads to wrong path for 'basic_ldap_auth' Hi, This should fix https://bugzilla.ipfire.org/show_bug.cgi?id=12008 Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 3d01a8f1a66d84024f3c9472dfda749d8c224a34 Author: Michael Tremer Date: Sat Mar 2 14:12:18 2019 +0000 core129: Ship updated ipset Signed-off-by: Michael Tremer commit 46a073f1b5538d3606c8f3b67787be6d0f29f03a Author: Erik Kapfer Date: Sun Mar 3 09:22:50 2019 +0100 ipset: Update to version 7.1 Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 7c57cbe24b4a48dbce6cdede9f0211bca9707890 Author: Michael Tremer Date: Sat Mar 2 14:11:02 2019 +0000 core129: Ship updated tar Signed-off-by: Michael Tremer commit 6ca3265c41d5cfa0232a6c2c87d244fc159a0453 Author: Matthias Fischer Date: Sat Mar 2 21:24:15 2019 +0100 tar: Update to 1.32 For details see: http://git.savannah.gnu.org/cgit/tar.git/log/ Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 15c71234ca3762c0565f96507e17fc4d6397f254 Author: Michael Tremer Date: Sat Mar 2 14:10:21 2019 +0000 core129: Ship updated bind Signed-off-by: Michael Tremer commit ae45fb5193d1e45acf9b4405064571edaafb0b31 Author: Matthias Fischer Date: Sat Mar 2 21:19:03 2019 +0100 bind: Update to 9.11.6 For details see: http://ftp.isc.org/isc/bind9/9.11.6/RELEASE-NOTES-bind-9.11.6.html Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit ae4ca7ef1305a66937a98c687375032c74b1429c Author: Michael Tremer Date: Sat Mar 2 14:09:00 2019 +0000 core129: Ship updated squid Signed-off-by: Michael Tremer commit aa88b2ef592401863585d7f6fc1eb7b63849f7d0 Author: Matthias Fischer Date: Sat Mar 2 21:08:06 2019 +0100 squid: Update to 4.6 For details see: http://www.squid-cache.org/Versions/v4/changesets/ The 'configure'-option "--disable-ipv6" was removed, it is no longer necessary. See: https://lists.ipfire.org/pipermail/development/2016-April/002046.html "The --disable-ipv6 build option is now deprecated. ... Squid-3.5.7 and later will perform IPv6 availability tests on startup in all builds. - Where IPv6 is unavailable Squid will continue exactly as it would have had the build option not been used. These Squid can have the build option removed now." The warning message concerning a "BCP 177 violation" while starting 'squid' can be ignored. Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit e1982c695c6faf86fb74c48c151985acb1f9250e Author: Michael Tremer Date: Sat Mar 2 13:24:44 2019 +0000 spectre-meltdown-checker: New package This makes it easy to install the script and check the vulnerability status of a system IPFire is running on. Signed-off-by: Michael Tremer commit 771c9b78eeb54a405608884dc3a4e9e5fa961b1a Author: Michael Tremer Date: Sat Mar 2 13:01:42 2019 +0000 binutils: Ship strings & readelf This is needed by the spectre meltdown checker script Signed-off-by: Michael Tremer commit d6af912c83827b231eb989ff1349a3243fd52902 Author: Michael Tremer Date: Sat Mar 2 12:01:06 2019 +0000 Update German translation Mainly adds translation for new IPsec features Signed-off-by: Michael Tremer commit fb47c465e8e46c3a0c22fb9b2575eec2adb3ad82 Author: Stéphane Pautrel Date: Sat Mar 2 11:48:05 2019 +0000 Update of French translation - Several syntax / vocabulary improvements - A 2 text missing in the French version - Improvement of text offering a donation for the users Signed-off-by: Michael Tremer commit ebda3cb93b2227831ced8e55bdf8c05139304819 Author: Michael Tremer Date: Wed Feb 27 03:52:26 2019 +0000 Update openssl rootfile Signed-off-by: Michael Tremer commit f907865389cb8e0b8cf8ab962dd03a07c4bf04a8 Author: Michael Tremer Date: Tue Feb 26 17:25:11 2019 +0000 core129: Ship updated OpenSSL Signed-off-by: Michael Tremer commit 7c85ff1362c3ebc3d9d54f4ac31dc8eebbc4c530 Author: Michael Tremer Date: Tue Feb 26 16:42:49 2019 +0000 openssl: Update to 1.1.1b This is a bug fix only release Signed-off-by: Michael Tremer commit 31672dc8bdb223ebf425ff96be64318f2d68e0d7 Author: Michael Tremer Date: Tue Feb 26 11:02:56 2019 +0000 DHCP: Fix error when editing a newly added fixed lease They key was remembered but then the array was sorted which resulted the key showing a wrong line. Signed-off-by: Michael Tremer commit 4eb23a91987a39c504e10d96d89bd1de46f9c0fe Author: Michael Tremer Date: Tue Feb 26 10:18:33 2019 +0000 DHCP: Restart server in background This allows for the CGI to return quicker. Signed-off-by: Michael Tremer commit 820ab96c6927c4e3ecbbe2df1342b635cc598ce7 Author: Michael Tremer Date: Tue Feb 26 10:16:21 2019 +0000 DHCP: Escape slashes in filename Fixes: #12006 Signed-off-by: Michael Tremer commit 2f7e8b59a69e3b1ca14a1d6c6b2ccb62e118a1f0 Author: Michael Tremer Date: Mon Feb 25 02:31:23 2019 +0000 core129: Ship updated credits.cgi Signed-off-by: Michael Tremer commit f6a1d9e929041315d122ddd0babed554bdaeb23f Author: Michael Tremer Date: Mon Feb 25 02:30:56 2019 +0000 Update list of contributors Signed-off-by: Michael Tremer commit 97499aa8a3c7b85de7609126f77ec41ab03cf469 Author: Michael Tremer Date: Mon Feb 25 02:29:29 2019 +0000 core129: Ship updated OpenVPN Signed-off-by: Michael Tremer commit ab83c4876a83c643d64d128828f50146710b7799 Author: Erik Kapfer Date: Tue Feb 26 11:56:47 2019 +0100 OpenVPN: Update to version 2.4.7 Changelog can be found in here https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24 . Signed-off-by: Erik Kapfer Signed-off-by: Michael Tremer commit 82b405615f47bb1dc34f4a3b488cb282058e9be3 Author: Peter Müller Date: Sat Feb 23 16:54:00 2019 +0000 update Tor to 0.3.5.8 See https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312 for release notes. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 0675a66d83d8a06f29e33e7c9533cfac676b1720 Author: Peter Müller Date: Sat Feb 23 16:54:00 2019 +0000 update metrics links in Tor WebUI https://atlas.torproject.org/ is deprecated in favour of https://metrics.torproject.org/ by now. Fixes #11781. Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit cc0104dce371265e15484d666606b33d924cc609 Author: Michael Tremer Date: Mon Feb 25 00:58:04 2019 +0000 core129: Ship updated libgcrypt Signed-off-by: Michael Tremer commit b66c2faac28aa63d4b8a1275ee9b7d224deeb786 Author: Peter Müller Date: Sat Feb 23 16:58:00 2019 +0000 libgcrypt: update to 1.8.4 Signed-off-by: Peter Müller Signed-off-by: Michael Tremer commit 07b73b195c8c6cf40cd80ed323e7719f77ebb96e Author: Michael Tremer Date: Mon Feb 25 00:56:49 2019 +0000 core129: Ship updated unbound Signed-off-by: Michael Tremer commit 97a238f4bf11d8f1964c764216bc55020a54e3d4 Author: Matthias Fischer Date: Sat Feb 9 10:40:36 2019 +0100 unbound: Update to 1.9.0 For details see: https://nlnetlabs.nl/svn/unbound/tags/release-1.9.0/doc/Changelog Best, Matthias Signed-off-by: Matthias Fischer Signed-off-by: Michael Tremer commit 59db01c753d0a6240ccfd10e3561e88958fc1da0 Author: Michael Tremer Date: Mon Feb 25 00:55:31 2019 +0000 core129: Ship changes from ipsec branch Signed-off-by: Michael Tremer commit 50d1bbf0f56b76148f10bbe2195df45ad3b60cb3 Merge: b5ef99df2 8be516b3b Author: Michael Tremer Date: Mon Feb 25 00:48:08 2019 +0000 Merge branch 'ipsec' into next commit b5ef99df2c34d9e9f614c0b3d57d32a8890139c0 Author: Michael Tremer Date: Mon Feb 25 00:47:28 2019 +0000 Start Core Update 129 Signed-off-by: Michael Tremer commit 8be516b3bcc2b9f30f8d44f44450be57b68d0025 Author: Michael Tremer Date: Mon Feb 4 18:38:24 2019 +0000 strongswan: Do not create any NAT rules when using VTI/GRE Signed-off-by: Michael Tremer commit 41f3351320d603d2445471743c7e1c72e435eda6 Author: Michael Tremer Date: Tue Jan 22 13:19:00 2019 +0000 Drop "OpenVPN" part from VPN N2N stats page Signed-off-by: Michael Tremer commit 1e2b25778909f3e64bdbe67ec81fa5937940a594 Author: Michael Tremer Date: Tue Jan 22 13:15:48 2019 +0000 Add routed IPsec connections to traffic graphs section Signed-off-by: Michael Tremer commit 7ba652af8c16d9d0c84292cdc75f35af5cd628f3 Author: Michael Tremer Date: Tue Jan 22 12:46:53 2019 +0000 firewall: Write correct rules bound to interface for routes IPsec tunnels Signed-off-by: Michael Tremer commit f9dd13464554b7b7915a7f792fcdf0b96381ccf0 Author: Michael Tremer Date: Tue Jan 22 11:34:49 2019 +0000 ipsec-interfaces: Resolve any remote hostnames Signed-off-by: Michael Tremer commit d985ce5ae91b5749b629ad24a028249bfbd76372 Author: Michael Tremer Date: Tue Jan 22 11:26:32 2019 +0000 ipsec-interfaces: Move conditional block into the loop Signed-off-by: Michael Tremer commit 38f6bdb74081bd68493d6636a20cda9b884d6bff Author: Michael Tremer Date: Mon Jan 21 17:40:12 2019 +0000 ipsec: Drop delayed restart setting This is a very bad race-condition situation and is not solved by an unintuitive setting. Signed-off-by: Michael Tremer commit 517683eeb17637acfda9895fd64d9347cde7e08e Author: Michael Tremer Date: Mon Jan 21 17:08:57 2019 +0000 ipsec: Drop VPN_IP setting This is now a per-connection setting Signed-off-by: Michael Tremer commit 26c2cc580b37ee4ae7ad68c874ba844eafa79ae4 Author: Michael Tremer Date: Mon Jan 21 16:52:39 2019 +0000 ipsec: Add translation strings for recent changes Signed-off-by: Michael Tremer commit 68263645802e5eb00350fbd50a90fe2583186ec2 Author: Michael Tremer Date: Mon Jan 21 16:44:03 2019 +0000 ipsec-*: Name some more configuration variables Signed-off-by: Michael Tremer commit 1ca2f88a74caa32f534434f4b095bde6107d7760 Author: Michael Tremer Date: Mon Jan 21 16:41:16 2019 +0000 ipsec-interfaces: Uses local IP address from connection first, then default Signed-off-by: Michael Tremer commit c32fc72e36daf8510949aa8a0fea695cc080c9d3 Author: Michael Tremer Date: Mon Jan 21 16:33:53 2019 +0000 ipsec-policy: Correct open ports for connections on aliases Signed-off-by: Michael Tremer commit ae0d069827a3ca07b6688869a108d7edce268b32 Author: Michael Tremer Date: Mon Jan 21 16:20:13 2019 +0000 ipsec: Allow to select local IP address used for peer on UI Signed-off-by: Michael Tremer commit 455fdcb17a1c826f7d979368716def3884a5e590 Author: Michael Tremer Date: Mon Jan 21 15:36:16 2019 +0000 ipsec: Re-arrange inputs for peer addresses, subnets, etc. Signed-off-by: Michael Tremer commit 7e25093d42e4198cc0f0233e5303fa2175672095 Author: Michael Tremer Date: Mon Jan 21 15:32:08 2019 +0000 ipsec: Don't allow to select VTI in transport mode Signed-off-by: Michael Tremer commit 605c391aafd73583edaf4378fca62cae61afa3a0 Author: Michael Tremer Date: Mon Jan 21 14:34:19 2019 +0000 vpnmain.cgi: Don't populate GREEN subnet when green doesn't exist Signed-off-by: Michael Tremer commit c94aa254759e544aa8dd50bb5c4c370ac97e78e6 Author: Michael Tremer Date: Wed Jan 16 20:29:25 2019 +0100 ipsec-interfaces: Fix typo in variable name Signed-off-by: Michael Tremer commit 327d1223f3564660a1d02181e32ae119318fc7a6 Author: Michael Tremer Date: Wed Jan 9 20:23:42 2019 +0100 strongswan: No longer create any routes automatically Signed-off-by: Michael Tremer commit c821440cedffe2a2d464c473130f1991b061b791 Author: Michael Tremer Date: Wed Jan 9 20:10:02 2019 +0100 ipsec: Filter better for GRE/VTI interfaces This tried to delete the GREEN interface before Signed-off-by: Michael Tremer commit 6a45a1f1015ff1d23de0f5b7510b00835243c107 Author: Michael Tremer Date: Wed Jan 9 19:56:01 2019 +0100 ipsec: TTL only applies for GRE interfaces and not VTI Signed-off-by: Michael Tremer commit 54bac01402419bf109be43be8832f2a064af3baf Author: Michael Tremer Date: Wed Jan 9 19:52:46 2019 +0100 ipsec: Find correct RED IP address when using %defaultroute Signed-off-by: Michael Tremer commit 3dc21d43bf5aafc1e34032e30bcf05ff493d62f2 Author: Michael Tremer Date: Wed Jan 9 19:52:24 2019 +0100 ipsec: Log a message when an interface could not be created Signed-off-by: Michael Tremer commit 1a45f9a70abe266938d9e6bd6a6ea8858cbbef7e Author: Michael Tremer Date: Mon Dec 10 16:57:12 2018 +0000 ipsec-interfaces: Don't add any interfaces when IPsec is disabled Signed-off-by: Michael Tremer commit a56357b8be20e4a3d31d2a541518b74d6741d57c Author: Michael Tremer Date: Mon Dec 10 16:55:53 2018 +0000 Revert "ipsec-interfaces: Run when IPsec is disabled" This reverts commit 3c3a1cfdb9b473fae9b792e8c211c9940fafc658. Signed-off-by: Michael Tremer commit 216bd9b389b984dd991d1a9011901e68ef5f0a6b Author: Michael Tremer Date: Mon Dec 10 16:44:06 2018 +0000 vpnmain.cgi: Move advanced IPsec settings to connection page This is required to make the initial setup easier for GRE/VTI connections Signed-off-by: Michael Tremer commit 4cf038dcfeec1cbba5e1453e776d02976eef9524 Author: Michael Tremer Date: Mon Dec 10 16:08:58 2018 +0000 ipsec-interfaces: Run when IPsec is disabled This needs to run even when IPsec is disable to remove and interfaces Signed-off-by: Michael Tremer commit 05af70c2f32988cc38f1c50d37e8d191170a26ce Author: Michael Tremer Date: Mon Dec 10 16:01:00 2018 +0000 ipsec-interfaces: Use correct righthost variable Signed-off-by: Michael Tremer commit f2d45a45ab78d6b2a557d515d84785a8daaa182f Author: Michael Tremer Date: Wed Dec 5 17:10:16 2018 +0000 IPsec: Do not allow 0.0.0.0/0 as remote subnet This renders the whole machine inaccessible Signed-off-by: Michael Tremer commit 68e69b676fa5e588cbf1db951aa9cbc4547e8b55 Author: Michael Tremer Date: Wed Dec 5 16:24:52 2018 +0000 network: Create IPsec interfaces when network is brought up Signed-off-by: Michael Tremer commit 3446a17293bfcbda19a353b755aa9d61530074ad Author: Michael Tremer Date: Wed Dec 5 16:23:06 2018 +0000 ipsecctrl: Call ipsec-interfaces script when turning up/shutting down connections Signed-off-by: Michael Tremer commit b8c153bca5064a2e40e5c71be91df30b520e4824 Author: Michael Tremer Date: Wed Dec 5 16:12:48 2018 +0000 IPsec: Add (experimental) script that creates GRE/VTI interfaces Signed-off-by: root commit 90aa4f1083c28a95d74bae58876bbd77c691771c Author: Michael Tremer Date: Mon Dec 3 11:21:29 2018 +0000 IPsec: Use left/rightprotoport in GRE mode Signed-off-by: Michael Tremer commit b89ae1a4e3596153a192da3f220dc54565078cac Author: Michael Tremer Date: Thu Nov 29 16:12:45 2018 +0000 ipsecctrl: Don't wait when a connection is to be started Signed-off-by: Michael Tremer commit 5a9c9ff3127e3266b4dd00dd0a57f9774647db27 Author: Michael Tremer Date: Thu Nov 29 16:00:52 2018 +0000 ipsec-policy: Don't install any block rules for connections with an interface Signed-off-by: Michael Tremer commit b54cd874b9c3f566cf65d290f13982c134c5a28b Author: Michael Tremer Date: Thu Nov 29 15:58:55 2018 +0000 ipsec-policy: Permit GRE traffic for GRE connections Signed-off-by: Michael Tremer commit 2704dbbc28c0192d4b3dcd903496c2fb37e87c2e Author: Michael Tremer Date: Thu Nov 29 15:58:39 2018 +0000 ipsec-policy: Variables don't match those from the CGI Signed-off-by: Michael Tremer commit 4cf4f8f62310e508173de650b867ded5933d7d56 Author: Michael Tremer Date: Thu Nov 29 15:45:52 2018 +0000 ipsec-policy: Parse all configuration settings Signed-off-by: Michael Tremer commit 6cf8bc9161c21dd7c274d09473ab46e3094204ac Author: Michael Tremer Date: Thu Nov 29 15:43:39 2018 +0000 IPsec: Move opening ports from ipsecctrl into ipsec-policy script Signed-off-by: Michael Tremer commit 6c920b19cd768445a66f5be58c4701b878d5b943 Author: Michael Tremer Date: Thu Nov 29 15:04:28 2018 +0000 IPsec: Rename ipsec-block script to ipsec-policy This is a more general name for a script that will be extended soon to do more than just add blocking rules. Signed-off-by: Michael Tremer commit b01c17e9d0096c87185dfd1e04d712ec225d25aa Author: Michael Tremer Date: Wed Nov 28 20:37:32 2018 +0000 IPsec: Update ipsec.conf for GRE/VTI changes Signed-off-by: Michael Tremer commit 55842dda690b077eeb3b0ed0af8f06827ef03f43 Author: Michael Tremer Date: Wed Nov 28 14:46:15 2018 +0000 IPsec: Add UI for set interface MTU Signed-off-by: Michael Tremer commit 746413170688bc0e05d689fe539bea716752f34f Author: Michael Tremer Date: Wed Nov 28 14:38:11 2018 +0000 IPsec: Add option to configure IP address for tunnel interface Signed-off-by: Michael Tremer commit 8ebe72541619278f97fc0be145057f5fc59581c6 Author: Michael Tremer Date: Wed Nov 28 14:24:03 2018 +0000 IPsec: Set default inactivity timeout to half an hour Signed-off-by: Michael Tremer commit 1e9457ac6fa032dc9e7d9f01e3780236e544ef6b Author: Michael Tremer Date: Wed Nov 28 14:23:26 2018 +0000 IPsec: New connections should defatul to on-demand mode Signed-off-by: Michael Tremer commit cae1f4a7a82f47703afb0cc25ff71f7585b28c2b Author: Michael Tremer Date: Wed Nov 28 14:21:33 2018 +0000 IPsec: Add dropdown to select tunnel interface mode Signed-off-by: Michael Tremer commit 5e6fa03e1ec00bbecf4c786c9e097617ec7f8aa3 Author: Michael Tremer Date: Wed Nov 28 14:07:30 2018 +0000 vpnmain.cgi: Correctly carry over INACTIVITY_TIMEOUT Signed-off-by: Michael Tremer commit 326728d53d1ed4cedf8d180ab51ddfedb1488045 Author: Michael Tremer Date: Tue Nov 27 18:42:07 2018 +0000 IPsec: Write tunnel/transport mode to strongSwan configuration Signed-off-by: Michael Tremer commit 29f5e0e2b9e0f3996ade9d9ba5a8834ae8480f28 Author: Michael Tremer Date: Tue Nov 27 18:38:51 2018 +0000 IPsec: Add selection for transport/tunnel mode Signed-off-by: Michael Tremer ----------------------------------------------------------------------- hooks/post-receive -- IPFire 2.x development tree